Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_unknown.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_gre.c
Examining data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c
Examining data/conntrack-tools-1.4.6/src/helpers/tns.c
Examining data/conntrack-tools-1.4.6/src/helpers/tftp.c
Examining data/conntrack-tools-1.4.6/src/helpers/ssdp.c
Examining data/conntrack-tools-1.4.6/src/helpers/slp.c
Examining data/conntrack-tools-1.4.6/src/helpers/sane.c
Examining data/conntrack-tools-1.4.6/src/helpers/rpc.c
Examining data/conntrack-tools-1.4.6/src/helpers/mdns.c
Examining data/conntrack-tools-1.4.6/src/helpers/ftp.c
Examining data/conntrack-tools-1.4.6/src/helpers/dhcpv6.c
Examining data/conntrack-tools-1.4.6/src/helpers/amanda.c
Examining data/conntrack-tools-1.4.6/src/nfct.c
Examining data/conntrack-tools-1.4.6/src/systemd.c
Examining data/conntrack-tools-1.4.6/src/expect.c
Examining data/conntrack-tools-1.4.6/src/utils.c
Examining data/conntrack-tools-1.4.6/src/helpers.c
Examining data/conntrack-tools-1.4.6/src/cthelper.c
Examining data/conntrack-tools-1.4.6/src/resync.c
Examining data/conntrack-tools-1.4.6/src/stack.c
Examining data/conntrack-tools-1.4.6/src/internal_bypass.c
Examining data/conntrack-tools-1.4.6/src/internal_cache.c
Examining data/conntrack-tools-1.4.6/src/external_inject.c
Examining data/conntrack-tools-1.4.6/src/external_cache.c
Examining data/conntrack-tools-1.4.6/src/channel_tcp.c
Examining data/conntrack-tools-1.4.6/src/tcp.c
Examining data/conntrack-tools-1.4.6/src/channel_udp.c
Examining data/conntrack-tools-1.4.6/src/channel_mcast.c
Examining data/conntrack-tools-1.4.6/src/multichannel.c
Examining data/conntrack-tools-1.4.6/src/channel.c
Examining data/conntrack-tools-1.4.6/src/parse.c
Examining data/conntrack-tools-1.4.6/src/build.c
Examining data/conntrack-tools-1.4.6/src/cidr.c
Examining data/conntrack-tools-1.4.6/src/network.c
Examining data/conntrack-tools-1.4.6/src/stats-mode.c
Examining data/conntrack-tools-1.4.6/src/traffic_stats.c
Examining data/conntrack-tools-1.4.6/src/sync-notrack.c
Examining data/conntrack-tools-1.4.6/src/sync-ftfw.c
Examining data/conntrack-tools-1.4.6/src/sync-alarm.c
Examining data/conntrack-tools-1.4.6/src/sync-mode.c
Examining data/conntrack-tools-1.4.6/src/ctnl.c
Examining data/conntrack-tools-1.4.6/src/cache_timer.c
Examining data/conntrack-tools-1.4.6/src/cache-exp.c
Examining data/conntrack-tools-1.4.6/src/cache-ct.c
Examining data/conntrack-tools-1.4.6/src/cache.c
Examining data/conntrack-tools-1.4.6/src/date.c
Examining data/conntrack-tools-1.4.6/src/origin.c
Examining data/conntrack-tools-1.4.6/src/process.c
Examining data/conntrack-tools-1.4.6/src/event.c
Examining data/conntrack-tools-1.4.6/src/fds.c
Examining data/conntrack-tools-1.4.6/src/filter.c
Examining data/conntrack-tools-1.4.6/src/vector.c
Examining data/conntrack-tools-1.4.6/src/netlink.c
Examining data/conntrack-tools-1.4.6/src/udp.c
Examining data/conntrack-tools-1.4.6/src/mcast.c
Examining data/conntrack-tools-1.4.6/src/log.c
Examining data/conntrack-tools-1.4.6/src/local.c
Examining data/conntrack-tools-1.4.6/src/rbtree.c
Examining data/conntrack-tools-1.4.6/src/queue_tx.c
Examining data/conntrack-tools-1.4.6/src/queue.c
Examining data/conntrack-tools-1.4.6/src/hash.c
Examining data/conntrack-tools-1.4.6/src/run.c
Examining data/conntrack-tools-1.4.6/src/main.c
Examining data/conntrack-tools-1.4.6/src/alarm.c
Examining data/conntrack-tools-1.4.6/src/conntrack.c
Examining data/conntrack-tools-1.4.6/src/read_config_yy.h
Examining data/conntrack-tools-1.4.6/src/read_config_yy.c
Examining data/conntrack-tools-1.4.6/src/read_config_lex.c
Examining data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c
Examining data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c
Examining data/conntrack-tools-1.4.6/include/linux/netfilter/nf_conntrack_common.h
Examining data/conntrack-tools-1.4.6/include/linux/netfilter/nfnetlink_cthelper.h
Examining data/conntrack-tools-1.4.6/include/linux/netfilter/nfnetlink_queue.h
Examining data/conntrack-tools-1.4.6/include/linux/netfilter/nfnetlink_cttimeout.h
Examining data/conntrack-tools-1.4.6/include/linux/netfilter/nfnetlink.h
Examining data/conntrack-tools-1.4.6/include/resync.h
Examining data/conntrack-tools-1.4.6/include/queue_tx.h
Examining data/conntrack-tools-1.4.6/include/systemd.h
Examining data/conntrack-tools-1.4.6/include/stack.h
Examining data/conntrack-tools-1.4.6/include/myct.h
Examining data/conntrack-tools-1.4.6/include/helper.h
Examining data/conntrack-tools-1.4.6/include/nfct.h
Examining data/conntrack-tools-1.4.6/include/date.h
Examining data/conntrack-tools-1.4.6/include/external.h
Examining data/conntrack-tools-1.4.6/include/internal.h
Examining data/conntrack-tools-1.4.6/include/origin.h
Examining data/conntrack-tools-1.4.6/include/process.h
Examining data/conntrack-tools-1.4.6/include/channel.h
Examining data/conntrack-tools-1.4.6/include/bitops.h
Examining data/conntrack-tools-1.4.6/include/event.h
Examining data/conntrack-tools-1.4.6/include/fds.h
Examining data/conntrack-tools-1.4.6/include/netlink.h
Examining data/conntrack-tools-1.4.6/include/traffic_stats.h
Examining data/conntrack-tools-1.4.6/include/cidr.h
Examining data/conntrack-tools-1.4.6/include/vector.h
Examining data/conntrack-tools-1.4.6/include/queue.h
Examining data/conntrack-tools-1.4.6/include/filter.h
Examining data/conntrack-tools-1.4.6/include/network.h
Examining data/conntrack-tools-1.4.6/include/conntrack.h
Examining data/conntrack-tools-1.4.6/include/mcast.h
Examining data/conntrack-tools-1.4.6/include/hash.h
Examining data/conntrack-tools-1.4.6/include/log.h
Examining data/conntrack-tools-1.4.6/include/debug.h
Examining data/conntrack-tools-1.4.6/include/tcp.h
Examining data/conntrack-tools-1.4.6/include/udp.h
Examining data/conntrack-tools-1.4.6/include/local.h
Examining data/conntrack-tools-1.4.6/include/conntrackd.h
Examining data/conntrack-tools-1.4.6/include/sync.h
Examining data/conntrack-tools-1.4.6/include/linux_rbtree.h
Examining data/conntrack-tools-1.4.6/include/linux_list.h
Examining data/conntrack-tools-1.4.6/include/cache.h
Examining data/conntrack-tools-1.4.6/include/jhash.h
Examining data/conntrack-tools-1.4.6/include/alarm.h
Examining data/conntrack-tools-1.4.6/tests/nfct/test.c
Examining data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c

FINAL RESULTS:

data/conntrack-tools-1.4.6/include/debug.h:15:15:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define debug printf
data/conntrack-tools-1.4.6/include/helper.h:83:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(fmt, ##arg)
data/conntrack-tools-1.4.6/include/helper.h:86:19:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        ({ if (0) printf(fmt, ##arg); 0; })
data/conntrack-tools-1.4.6/src/cache.c:317:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	size = sprintf(buf, "cache %s:\n"
data/conntrack-tools-1.4.6/src/conntrack.c:693:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr, msg, args);
data/conntrack-tools-1.4.6/src/conntrack.c:3023:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		fprintf(stderr, exit_msg[cmd], counter);
data/conntrack-tools-1.4.6/src/local.c:48:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(local.sun_path, conf->path);
data/conntrack-tools-1.4.6/src/local.c:65:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(server->path, conf->path);
data/conntrack-tools-1.4.6/src/local.c:104:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(local.sun_path, conf->path);
data/conntrack-tools-1.4.6/src/log.c:95:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(fd, format, *args);
data/conntrack-tools-1.4.6/src/main.c:318:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(config_file, DEFAULT_CONFIGFILE);
data/conntrack-tools-1.4.6/src/nfct.c:190:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(version_msg, VERSION);
data/conntrack-tools-1.4.6/src/nfct.c:214:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(help_msg, VERSION, argv[0]);
data/conntrack-tools-1.4.6/src/read_config_yy.c:1115:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/conntrack-tools-1.4.6/src/sync-ftfw.c:35:12:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define dp printf
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:40:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(file, "testsuite/%s", dent->d_name);
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:68:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(tmp + strlen(CT_PROG) + 1, buf);
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:72:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). Try using a library call that implements the same functionality
  if available.
			ret = system(tmp);
data/conntrack-tools-1.4.6/tests/nfct/test.c:43:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(file, "%s/%s", argv[1], dent->d_name);
data/conntrack-tools-1.4.6/tests/nfct/test.c:72:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). Try using a library call that implements the same functionality
  if available.
			ret = system(buf);
data/conntrack-tools-1.4.6/src/conntrack.c:2340:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while ((c = getopt_long(argc, argv, getopt_str, opts, NULL)) != -1) {
data/conntrack-tools-1.4.6/src/sync-alarm.c:43:5:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  random() % CONFIG(refresh) + 1,
data/conntrack-tools-1.4.6/src/sync-alarm.c:44:7:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  ((random() % 5 + 1)  * 200000) - 1);
data/conntrack-tools-1.4.6/src/sync-alarm.c:57:5:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  random() % CONFIG(refresh) + 1,
data/conntrack-tools-1.4.6/src/sync-alarm.c:58:7:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  ((random() % 5 + 1)  * 200000) - 1);
data/conntrack-tools-1.4.6/src/sync-alarm.c:65:5:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  random() % CONFIG(refresh) + 1,
data/conntrack-tools-1.4.6/src/sync-alarm.c:66:7:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
		  ((random() % 5 + 1)  * 200000) - 1);
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:54:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *dccp_optflags[DCCP_OPT_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:67:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char dccp_commands_v_options[NUMBER_OF_CMD][DCCP_OPT_MAX] =
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:88:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *dccp_states[DCCP_CONNTRACK_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:125:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:131:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:137:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:143:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:149:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:155:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:173:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:179:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_gre.c:44:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *gre_optflags[GRE_OPT_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_gre.c:67:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char gre_commands_v_options[NUMBER_OF_CMD][GRE_OPT_MAX] =
data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c:36:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *icmp_optflags[ICMP_NUMBER_OF_OPT] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c:40:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char icmp_commands_v_options[NUMBER_OF_CMD][ICMP_NUMBER_OF_OPT] =
data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c:78:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			tmp = atoi(optarg);
data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c:84:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			tmp = atoi(optarg);
data/conntrack-tools-1.4.6/extensions/libct_proto_icmp.c:90:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			id = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c:39:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *icmpv6_optflags[ICMPV6_NUMBER_OF_OPT] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c:43:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char icmpv6_commands_v_options[NUMBER_OF_CMD][ICMPV6_NUMBER_OF_OPT] =
data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c:81:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			tmp = atoi(optarg);
data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c:87:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			tmp = atoi(optarg);
data/conntrack-tools-1.4.6/extensions/libct_proto_icmpv6.c:93:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			id = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:56:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *sctp_optflags[SCTP_OPT_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:70:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char sctp_commands_v_options[NUMBER_OF_CMD][SCTP_OPT_MAX] =
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:91:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *sctp_states[SCTP_CONNTRACK_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:128:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:134:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:140:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:146:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:152:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:158:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:176:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:182:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:188:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		vtag = htonl(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_sctp.c:193:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		vtag = htonl(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *tcp_optflags[TCP_NUMBER_OF_OPT] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:54:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tcp_commands_v_options[NUMBER_OF_CMD][TCP_NUMBER_OF_OPT] =
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:75:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *tcp_states[TCP_CONNTRACK_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:113:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:119:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:125:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:131:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:137:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:143:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:165:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_tcp.c:171:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:45:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *udp_optflags[UDP_NUMBER_OF_OPT] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:62:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char udp_commands_v_options[NUMBER_OF_CMD][UDP_NUMBER_OF_OPT] =
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:92:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:98:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:104:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:110:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:116:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:122:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:128:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udp.c:136:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *udplite_optflags[UDP_OPT_MAX] = {
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:71:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char udplite_commands_v_options[NUMBER_OF_CMD][UDP_OPT_MAX] =
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:100:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:106:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:112:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:118:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:124:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:130:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:136:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/extensions/libct_proto_udplite.c:142:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = htons(atoi(optarg));
data/conntrack-tools-1.4.6/include/cache.h:37:2:  [2] (buffer) char:
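  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  Triage note: a zero-length array like this is the GNU C form of a flexible
  array member (presumably the last field of its struct), so the declared
  size says nothing about capacity. The bound to verify is at each
  allocation and copy site: the bytes written through data must never exceed
  what was allocated beyond the struct header. The same applies to the
  data[0] hits in queue.h and stack.h.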
	char	data[0];
data/conntrack-tools-1.4.6/include/cache.h:60:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[CACHE_MAX_NAMELEN];
data/conntrack-tools-1.4.6/include/channel.h:49:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char				channel_ifname[IFNAMSIZ];
data/conntrack-tools-1.4.6/include/channel.h:62:11:  [2] (misc) open:
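  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  Triage note: the flagged line declares a function-pointer member that
  happens to be named open; it is not a call to open(2), and its parameter
  is a configuration pointer rather than a path. Whether any implementation
  behind the pointer opens files has to be checked in the channel back ends,
  not here.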
	void *	(*open)(void *conf);
data/conntrack-tools-1.4.6/include/conntrackd.h:88:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char logfile[FILENAME_MAXLEN + 1];
data/conntrack-tools-1.4.6/include/conntrackd.h:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char lockfile[FILENAME_MAXLEN + 1];
data/conntrack-tools-1.4.6/include/conntrackd.h:135:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char logfile[FILENAME_MAXLEN + 1];
data/conntrack-tools-1.4.6/include/debug.h:11:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];						\
data/conntrack-tools-1.4.6/include/helper.h:16:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char		name[CTD_HELPER_NAME_LEN + 1];
data/conntrack-tools-1.4.6/include/helper.h:23:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char			name[CTD_HELPER_NAME_LEN];
data/conntrack-tools-1.4.6/include/local.h:10:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[UNIX_PATH_MAX + 1];
data/conntrack-tools-1.4.6/include/local.h:15:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[UNIX_PATH_MAX + 1];
data/conntrack-tools-1.4.6/include/network.h:90:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char __net[4096];				\
data/conntrack-tools-1.4.6/include/network.h:101:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char __net[4096];				\
data/conntrack-tools-1.4.6/include/queue.h:25:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char			data[0];
data/conntrack-tools-1.4.6/include/queue.h:43:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char			name[QUEUE_NAMELEN];
data/conntrack-tools-1.4.6/include/stack.h:20:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char			data[0];
data/conntrack-tools-1.4.6/src/build.c:42:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ptr, data, len);
data/conntrack-tools-1.4.6/src/build.c:49:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ptr, nfct_get_attr(ct, a), sizeof(uint8_t));
data/conntrack-tools-1.4.6/src/cache-ct.c:61:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&a[0], nfct_get_attr(ct, ATTR_IPV6_SRC), sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/cache-ct.c:62:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&a[4], nfct_get_attr(ct, ATTR_IPV6_DST), sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/cache-ct.c:125:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/cache-ct.c:168:11:  [2] (buffer) sprintf:
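  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  Triage note: the low-risk rating covers only the text this call adds. The
  write starts at buf+size, so whether it fits depends on how much earlier
  code has already placed in buf; passing the remaining space to snprintf()
  would make that bound explicit.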
		size += sprintf(buf+size, " [active since %lds]",
data/conntrack-tools-1.4.6/src/cache-exp.c:61:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&a[0], nfct_get_attr(ct, ATTR_IPV6_SRC), sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/cache-exp.c:62:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&a[4], nfct_get_attr(ct, ATTR_IPV6_DST), sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/cache-exp.c:113:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst, src, nfexp_maxsize());
data/conntrack-tools-1.4.6/src/cache-exp.c:118:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/cache-exp.c:156:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		size += sprintf(buf+size, " [active since %lds]",
data/conntrack-tools-1.4.6/src/cache.c:70:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(c->feature_type, feature_type, sizeof(feature_type));
data/conntrack-tools-1.4.6/src/cache.c:77:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(c->features, feature_array, sizeof(struct cache_feature) * j);
data/conntrack-tools-1.4.6/src/cache.c:91:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(c->feature_offset, feature_offset, sizeof(unsigned int) * j);
data/conntrack-tools-1.4.6/src/cache.c:314:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/cache.c:335:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/cache_timer.c:66:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, " [expires in %lds]", tmp.tv_sec);
data/conntrack-tools-1.4.6/src/channel.c:135:20:  [2] (misc) open:
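  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  Triage note: this is a call through the ops-table member named open,
  matched by name only; the line itself does not pass a file path. The
  file-race questions above apply only if the selected back end's open
  routine touches the filesystem, which is not visible from this line.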
	c->data = c->ops->open(&cfg->u);
data/conntrack-tools-1.4.6/src/channel.c:175:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(error->data, c->buffer->data, c->buffer->len);
data/conntrack-tools-1.4.6/src/channel.c:233:3:  [2] (buffer) memcpy:
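  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  Triage note: the destination is an offset into the buffer (data + len), so
  this is an append. The condition to confirm in the surrounding code is
  that c->buffer->len + len cannot exceed the buffer's allocated size, and
  that the addition itself cannot wrap; neither is visible in this report.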
		memcpy(c->buffer->data + c->buffer->len, net, len);
data/conntrack-tools-1.4.6/src/channel_mcast.c:75:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/channel_mcast.c:89:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/channel_tcp.c:77:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/channel_tcp.c:91:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/channel_udp.c:75:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/channel_udp.c:89:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ifname[IFNAMSIZ], buf[512];
data/conntrack-tools-1.4.6/src/conntrack.c:293:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *optflags[NUMBER_OF_OPT] = {
data/conntrack-tools-1.4.6/src/conntrack.c:385:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
data/conntrack-tools-1.4.6/src/conntrack.c:515:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char exit_msg[NUMBER_OF_CMD][64] = {
data/conntrack-tools-1.4.6/src/conntrack.c:631:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	protonum = atoi(name);
data/conntrack-tools-1.4.6/src/conntrack.c:795:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(merge, oldopts, num_old * sizeof(struct option));
data/conntrack-tools-1.4.6/src/conntrack.c:869:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char	*parameter[7];
data/conntrack-tools-1.4.6/src/conntrack.c:1075:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[INET6_ADDRSTRLEN];
data/conntrack-tools-1.4.6/src/conntrack.c:1103:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(address->v6, &parse.addr6, sizeof(parse.addr6));
data/conntrack-tools-1.4.6/src/conntrack.c:1433:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1506:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1542:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1575:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1747:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1778:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/conntrack.c:1833:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[4096], *token, *nl;
data/conntrack-tools-1.4.6/src/conntrack.c:1834:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char output[CT_STATS_ENTRIES_MAX][CT_STATS_STRING_MAX];
data/conntrack-tools-1.4.6/src/conntrack.c:1838:7:  [2] (misc) fopen:
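  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  Triage note: the path argument is a macro and the mode is read-only.
  Assuming the macro expands to a fixed string literal (by its name a /proc
  entry - confirm against its definition), the caller cannot influence the
  path. The symlink and race questions matter mainly when a path component
  is writable or chosen by a less-privileged party.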
	fd = fopen(CT_STATS_PROC, "r");
data/conntrack-tools-1.4.6/src/conntrack.c:1929:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/conntrack.c:1955:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/conntrack.c:1993:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char *attr2name[CTA_STATS_MAX+1] = {
data/conntrack-tools-1.4.6/src/conntrack.c:2045:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char *attr2name[CTA_STATS_EXP_MAX+1] = {
data/conntrack-tools-1.4.6/src/conntrack.c:2100:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[4096];
data/conntrack-tools-1.4.6/src/conntrack.c:2152:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&net->netmask, netmask, sizeof(union ct_address));
data/conntrack-tools-1.4.6/src/conntrack.c:2304:23:  [2] (integer) atoi:
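  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  Triage note: the explicit (uint16_t) cast makes the truncation silent, so
  a port string outside 0-65535 yields a different, valid-looking port
  rather than an error. A range check on the parsed value before the cast
  is the missing step.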
				  ntohs((uint16_t)atoi(port_str)));
data/conntrack-tools-1.4.6/src/conntrack.c:2307:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				  ntohs((uint16_t)atoi(port_str)));
data/conntrack-tools-1.4.6/src/conntrack.c:2419:45:  [2] (integer) atol:
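  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  Triage note: atol() returns a signed long and the result is handed to a
  setter for a 32-bit unsigned attribute, so a negative or larger-than-32-bit
  argument is converted to an unrelated timeout instead of being rejected.
  strtoul() with end-pointer, errno and UINT32_MAX checks would catch that.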
			nfct_set_attr_u32(tmpl.ct, ATTR_TIMEOUT, atol(optarg));
data/conntrack-tools-1.4.6/src/conntrack.c:2421:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					   ATTR_EXP_TIMEOUT, atol(optarg));
data/conntrack-tools-1.4.6/src/conntrack.c:2545:23:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			socketbuffersize = atol(optarg);
data/conntrack-tools-1.4.6/src/conntrack.c:2864:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/conntrack.c:2937:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = fopen(NF_CONNTRACK_COUNT_PROC, "r");
data/conntrack-tools-1.4.6/src/cthelper.c:164:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/cthelper.c:207:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/cthelper.c:238:5:  [2] (buffer) memcpy:
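  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  Triage note: the length argument is on the next source line and is not
  shown in this excerpt; the finding can only be closed by comparing that
  length with the size of the myct->priv_data allocation.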
				memcpy(myct->priv_data, priv_data,
data/conntrack-tools-1.4.6/src/cthelper.c:355:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/cthelper.c:374:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/cthelper.c:458:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/cthelper.c:504:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/date.c:22:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(tv, &now, sizeof(struct timeval));
data/conntrack-tools-1.4.6/src/external_inject.c:161:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/external_inject.c:164:9:  [2] (buffer) sprintf:
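  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  Triage note: only the first line of the format string is shown. The "low
  risk" assessment holds only if every conversion in the full format has a
  bounded width (for example %u); buf is presumably the 512-byte array
  flagged at external_inject.c:161, and snprintf(buf, sizeof(buf), ...)
  would make that bound explicit.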
	size = sprintf(buf, "external inject:\n"
data/conntrack-tools-1.4.6/src/external_inject.c:244:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/external_inject.c:247:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "external inject:\n"
data/conntrack-tools-1.4.6/src/filter.c:170:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&n->ip, data, sizeof(uint32_t));
data/conntrack-tools-1.4.6/src/filter.c:182:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(n->ipv6, data, sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/filter.c:479:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char			helper_name[NFCT_HELPER_NAME_MAX];
data/conntrack-tools-1.4.6/src/helpers.c:51:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[PATH_MAX];
data/conntrack-tools-1.4.6/src/helpers/amanda.c:36:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[sizeof("65535")];
data/conntrack-tools-1.4.6/src/helpers/amanda.c:85:2:  [2] (buffer) sprintf:
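  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  Triage note: the write is safe only if port cannot exceed 65535. If buffer
  is the sizeof("65535") array flagged at amanda.c:36 (six bytes including
  the terminator), a port variable wider than 16 bits would let "%u" emit
  more than five digits; snprintf(buffer, sizeof(buffer), ...) removes the
  dependency on the variable's type.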
	sprintf(buffer, "%u", port);
data/conntrack-tools-1.4.6/src/helpers/amanda.c:95:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char amanda_buffer[65536];
data/conntrack-tools-1.4.6/src/helpers/amanda.c:136:2:  [2] (buffer) memcpy:
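  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  Triage note: the source is packet payload and the length argument is on
  the next source line, not shown here. The copy is safe only if that length
  is bounded by sizeof(amanda_buffer) (65536 bytes per the declaration
  flagged at amanda.c:95) before the call.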
	memcpy(amanda_buffer, pktb_network_header(pkt) + dataoff,
data/conntrack-tools-1.4.6/src/helpers/ftp.c:379:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[sizeof("|1|255.255.255.255|65535|")];
data/conntrack-tools-1.4.6/src/helpers/ftp.c:547:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&daddr, &cmd.u3, sizeof(cmd.u3));
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:81:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[sizeof("255.255.255.255:65535")];
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:289:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[64] = {0};
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:316:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[64] = {0};
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:368:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char hdr_val[256];
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:458:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char hdr_val[256];
data/conntrack-tools-1.4.6/src/helpers/tns.c:197:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[sizeof("255.255.255.255)(PORT=65535)")];
data/conntrack-tools-1.4.6/src/internal_bypass.c:33:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/internal_bypass.c:81:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/internal_bypass.c:84:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "internal bypass:\n"
data/conntrack-tools-1.4.6/src/internal_bypass.c:158:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/internal_bypass.c:213:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/internal_bypass.c:216:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "internal bypass:\n"
data/conntrack-tools-1.4.6/src/local.c:122:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/log.c:33:16:  [2] (misc) fopen:
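  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  Triage note: the path comes from configuration (CONFIG(logfile)) and is
  opened for append, so fopen() follows a symlink at that location. Whether
  this matters depends on who can write to the log directory relative to
  the privileges the daemon runs with; that is not visible in this excerpt.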
		STATE(log) = fopen(CONFIG(logfile), "a+");
data/conntrack-tools-1.4.6/src/log.c:45:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		STATE(stats_log) = fopen(CONFIG(stats).logfile, "a+");
data/conntrack-tools-1.4.6/src/log.c:142:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/log.c:183:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/src/main.c:123:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char config_file[PATH_MAX + 1] = {};
data/conntrack-tools-1.4.6/src/main.c:354:8:  [2] (misc) open:
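  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  Triage note: the flagged call passes O_CREAT | O_EXCL, so open() fails if
  the path already exists and does not follow a symbolic link in the final
  path component. That addresses redirection of the lock file itself;
  ownership and permissions of its parent directories still need checking.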
	ret = open(CONFIG(lockfile), O_CREAT | O_EXCL | O_TRUNC, 0600);
data/conntrack-tools-1.4.6/src/mcast.c:62:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&mreq.ipv6.ipv6mr_multiaddr, &conf->in.inet_addr6,
data/conntrack-tools-1.4.6/src/mcast.c:170:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&m->addr.ipv6.sin6_addr,
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:102:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[4096];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:126:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:150:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:241:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:308:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:376:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/helper.c:401:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[4096];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:114:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:232:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
							 atoi(*(argv+1)));
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:250:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:290:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:329:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:368:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:393:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct-extensions/timeout.c:429:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/nfct.c:66:14:  [2] (buffer) char:
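  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  Triage note: the flagged declaration is an array of pointers to const
  char, not a character buffer that data is copied into. The relevant check
  is that every index used on it stays below NFCT_CMD_MAX, not the length of
  any string copy.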
static const char *nfct_cmd_array[NFCT_CMD_MAX] = {
data/conntrack-tools-1.4.6/src/nfct.c:96:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *nfct_subsys_array[NFCT_SUBSYS_MAX] = {
data/conntrack-tools-1.4.6/src/nfct.c:224:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[MNL_SOCKET_BUFFER_SIZE];
data/conntrack-tools-1.4.6/src/process.c:74:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *process_type_to_name[CTD_PROC_MAX] = {
data/conntrack-tools-1.4.6/src/process.c:83:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[4096];
data/conntrack-tools-1.4.6/src/queue.c:70:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/read_config_lex.c:2696:16:  [2] (integer) atoi:
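  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  Triage note: yytext is the token text matched by the lexer, presumably
  from the configuration file. When the digits do not fit in an int, the
  behaviour of atoi() is undefined, so an oversized number is not
  reliably rejected; strtol() with errno and end-pointer checks would allow
  the lexer to report it.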
{ yylval.val = atoi(yytext); return T_NUMBER; }
data/conntrack-tools-1.4.6/src/read_config_lex.c:2701:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
{ yylval.val = atoi(yytext); return T_SIGNED_NUMBER; }
data/conntrack-tools-1.4.6/src/read_config_yy.c:1364:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/conntrack-tools-1.4.6/src/read_config_yy.c:1553:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char yymsgbuf[128];
data/conntrack-tools-1.4.6/src/read_config_yy.c:3077:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		cidr = atoi(slash+1);
data/conntrack-tools-1.4.6/src/read_config_yy.c:3143:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		cidr = atoi(slash+1);
data/conntrack-tools-1.4.6/src/read_config_yy.c:3165:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(tmp.ip, ip.ipv6, sizeof(uint32_t)*4);
data/conntrack-tools-1.4.6/src/read_config_yy.c:3418:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&helper->policy[i], pol,
data/conntrack-tools-1.4.6/src/read_config_yy.c:3811:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(filename, "r");
data/conntrack-tools-1.4.6/src/run.c:143:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024], uptime_string[512];
data/conntrack-tools-1.4.6/src/sync-ftfw.c:155:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/sync-ftfw.c:161:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			size = sprintf(buf, "control -> seq:%u flags:%u\n",
data/conntrack-tools-1.4.6/src/sync-ftfw.c:167:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			size = sprintf(buf, "object -> seq:%u\n", cn->seq);
data/conntrack-tools-1.4.6/src/sync-ftfw.c:179:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/sync-ftfw.c:182:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "resent queue (len=%u)\n", queue_len(rs_queue));
data/conntrack-tools-1.4.6/src/sync-mode.c:163:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char __net[65536];		/* XXX: maximum MTU for IPv4 */
data/conntrack-tools-1.4.6/src/sync-mode.c:170:3:  [2] (buffer) memcpy:
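  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  Triage note: the destination __net is 65536 bytes (sync-mode.c:163 above),
  so this copy is safe only if remain is bounded by that size before the
  call; the excerpt does not show that check, so confirm it in the caller.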
		memcpy(__net, ptr, remain);
data/conntrack-tools-1.4.6/src/sync-mode.c:270:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[IFNAMSIZ];
data/conntrack-tools-1.4.6/src/sync-mode.c:504:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/sync-mode.c:507:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "message tracking:\n"
data/conntrack-tools-1.4.6/src/sync-mode.c:518:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/tcp.c:165:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&m->addr.ipv6.sin6_addr, &c->client.inet_addr6,
data/conntrack-tools-1.4.6/src/traffic_stats.c:36:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[512];
data/conntrack-tools-1.4.6/src/traffic_stats.c:42:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size = sprintf(buf, "traffic processed:\n");
data/conntrack-tools-1.4.6/src/traffic_stats.c:43:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size += sprintf(buf+size, "%20llu Bytes      ", (unsigned long long)bytes);
data/conntrack-tools-1.4.6/src/traffic_stats.c:44:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	size += sprintf(buf+size, "%20llu Pckts\n\n", (unsigned long long)packets);
data/conntrack-tools-1.4.6/src/udp.c:144:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&m->addr.ipv6.sin6_addr, &conf->client.inet_addr6,
data/conntrack-tools-1.4.6/src/utils.c:122:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst, dbuf, sizeof(dbuf));
data/conntrack-tools-1.4.6/src/utils.c:236:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dst, dbuf, sizeof(dbuf));
data/conntrack-tools-1.4.6/src/vector.c:71:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(v->data + (v->size * v->cur_elems), data, v->size);
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:26:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:29:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char file[1024];
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:44:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp = fopen(file, "r");
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:51:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char tmp[1024] = CT_PROG, *res;
data/conntrack-tools-1.4.6/tests/nfct/test.c:24:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/conntrack-tools-1.4.6/tests/nfct/test.c:26:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char file[1024];
data/conntrack-tools-1.4.6/tests/nfct/test.c:47:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp = fopen(file, "r");
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:185:37:  [1] (buffer) strlen:
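  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Triage note: optarg is presumably the getopt argument and therefore
  NUL-terminated, so the over-read is unlikely here. Using strlen(optarg) as
  the count does make the compare accept any prefix of the keyword, including
  an empty string; the conntrack.c:1034-1040, nfct.c and several main.c hits
  below use the same pattern.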
		if (strncasecmp(optarg, "client", strlen(optarg)) == 0) {
data/conntrack-tools-1.4.6/extensions/libct_proto_dccp.c:188:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		} else if (strncasecmp(optarg, "server", strlen(optarg)) == 0) {
data/conntrack-tools-1.4.6/src/build.c:79:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	addattr(n, b, data, strlen(data)+1);
data/conntrack-tools-1.4.6/src/build.c:369:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	addattr(n, b, data, strlen(data)+1);
data/conntrack-tools-1.4.6/src/cache-ct.c:171:10:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	size += sprintf(buf+size, "\n");
data/conntrack-tools-1.4.6/src/cache-exp.c:159:10:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	size += sprintf(buf+size, "\n");
data/conntrack-tools-1.4.6/src/cache.c:56:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(c->name, name, CACHE_MAX_NAMELEN);
data/conntrack-tools-1.4.6/src/channel.c:108:2:  [1] (buffer) strncpy:
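  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  Triage note: the count here equals sizeof(ifr.ifr_name), so a source of
  that length or longer leaves the field without a terminator. Check whether
  the code terminates it explicitly after the call (not shown here), or copy
  at most sizeof - 1 bytes.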
	strncpy(ifr.ifr_name, cfg->channel_ifname, sizeof(ifr.ifr_name));
data/conntrack-tools-1.4.6/src/conntrack.c:924:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(arg) == 0
data/conntrack-tools-1.4.6/src/conntrack.c:925:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    || !do_parse_parameter(arg, strlen(arg), status, parse_type))
data/conntrack-tools-1.4.6/src/conntrack.c:1034:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp("expect", table, strlen(table)) == 0)
data/conntrack-tools-1.4.6/src/conntrack.c:1036:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (strncmp("conntrack", table, strlen(table)) == 0)
data/conntrack-tools-1.4.6/src/conntrack.c:1038:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (strncmp("dying", table, strlen(table)) == 0)
data/conntrack-tools-1.4.6/src/conntrack.c:1040:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (strncmp("unconfirmed", table, strlen(table)) == 0)
data/conntrack-tools-1.4.6/src/conntrack.c:1080:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy((char *) &buf, cp, INET6_ADDRSTRLEN);
data/conntrack-tools-1.4.6/src/conntrack.c:1087:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (*mask < 0 || end != slash + strlen(slash))
data/conntrack-tools-1.4.6/src/conntrack.c:1176:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strlen(cursor) == 0) {
data/conntrack-tools-1.4.6/src/conntrack.c:1854:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(output[i], token, CT_STATS_STRING_MAX);
data/conntrack-tools-1.4.6/src/conntrack.c:2535:32:  [1] (buffer) strlen:
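  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Triage note: the strlen argument on this line is a string literal, which is
  always NUL-terminated, so CWE-126 does not apply to the call; the same holds
  for the other strlen("...") hits on literals in amanda.c and tns.c.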
			if (strncmp(optarg, "ipv4", strlen("ipv4")) == 0)
data/conntrack-tools-1.4.6/src/conntrack.c:2537:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			else if (strncmp(optarg, "ipv6", strlen("ipv6")) == 0)
data/conntrack-tools-1.4.6/src/event.c:26:6:  [1] (buffer) read:
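  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  Triage note: the flagged line below declares an int variable named read; it
  is not a call to read(), so this hit is a name match only.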
	int read;
data/conntrack-tools-1.4.6/src/event.c:75:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ret = read(evfd->fds[0], &data, sizeof(data));
data/conntrack-tools-1.4.6/src/filter.c:513:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(item->helper_name, helper_name, NFCT_HELPER_NAME_MAX);
data/conntrack-tools-1.4.6/src/filter.c:541:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				strlen(item->helper_name)) == 0) {
data/conntrack-tools-1.4.6/src/helpers/amanda.c:87:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				  strlen(buffer));
data/conntrack-tools-1.4.6/src/helpers/amanda.c:146:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	data += strlen("CONNECT ");
data/conntrack-tools-1.4.6/src/helpers/amanda.c:156:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		tmp = data = match + strlen(conns[i]);
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:241:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int name_len = strlen(name);
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:309:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(buf, url, ip_len);
data/conntrack-tools-1.4.6/src/helpers/ssdp.c:335:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(buf, url, ip_len);
data/conntrack-tools-1.4.6/src/helpers/tns.c:150:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	start = p + strlen("HOST=");
data/conntrack-tools-1.4.6/src/helpers/tns.c:151:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	offset = (int)(p - data) + strlen("HOST=");
data/conntrack-tools-1.4.6/src/helpers/tns.c:172:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	p += strlen("PORT=");
data/conntrack-tools-1.4.6/src/local.c:49:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(local.sun_path) + sizeof(local.sun_family);
data/conntrack-tools-1.4.6/src/local.c:105:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(local.sun_path) + sizeof(local.sun_family);
data/conntrack-tools-1.4.6/src/log.c:74:6:  [1] (buffer) strlen:
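  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Triage note: the index strlen(buf)-1 wraps around if buf is ever empty,
  which would make the assignment an out-of-bounds write. Confirm that
  whatever fills buf (not shown here) always yields at least one character;
  log.c:153 and log.c:194 below use the same expression.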
	buf[strlen(buf)-1]='\0';
data/conntrack-tools-1.4.6/src/log.c:152:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		tmp = buf + strlen(buf);
data/conntrack-tools-1.4.6/src/log.c:153:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		buf[strlen(buf)-1]='\t';
data/conntrack-tools-1.4.6/src/log.c:162:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	nfct_snprintf(buf+strlen(buf), 1024-strlen(buf), ct, 0, type, flags);
data/conntrack-tools-1.4.6/src/log.c:162:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	nfct_snprintf(buf+strlen(buf), 1024-strlen(buf), ct, 0, type, flags);
data/conntrack-tools-1.4.6/src/log.c:165:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
data/conntrack-tools-1.4.6/src/log.c:165:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
data/conntrack-tools-1.4.6/src/log.c:193:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		tmp = buf + strlen(buf);
data/conntrack-tools-1.4.6/src/log.c:194:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		buf[strlen(buf)-1]='\t';
data/conntrack-tools-1.4.6/src/log.c:199:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	nfexp_snprintf(buf+strlen(buf), 1024-strlen(buf), exp, 0, type, flags);
data/conntrack-tools-1.4.6/src/log.c:199:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	nfexp_snprintf(buf+strlen(buf), 1024-strlen(buf), exp, 0, type, flags);
data/conntrack-tools-1.4.6/src/log.c:202:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
data/conntrack-tools-1.4.6/src/log.c:202:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		snprintf(buf+strlen(buf), 1024-strlen(buf), "\n");
data/conntrack-tools-1.4.6/src/main.c:99:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(argv[i+1], "ct", strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:103:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:168:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				if (strlen(argv[i]) > PATH_MAX) {
data/conntrack-tools-1.4.6/src/main.c:190:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					    strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:194:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:231:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					    strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:235:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:239:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:243:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:250:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:254:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:258:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						 strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:262:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:266:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:270:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						strlen(argv[i+1])) == 0) {
data/conntrack-tools-1.4.6/src/main.c:320:2:  [1] (access) umask:
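  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  Triage note: the mask on the line below, 0177, already clears owner-execute
  and every group/other bit, so new files get at most mode 0600; this rule
  fires on any umask call regardless of the value.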
	umask(0177);
data/conntrack-tools-1.4.6/src/nfct.c:82:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(nfct_cmd_array[i], cmdstr, strlen(cmdstr)) == 0)
data/conntrack-tools-1.4.6/src/nfct.c:108:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(nfct_subsys_array[i], cmdstr, strlen(cmdstr)) == 0)
data/conntrack-tools-1.4.6/src/queue.c:51:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(b->name, name, QUEUE_NAMELEN);
data/conntrack-tools-1.4.6/src/read_config_lex.c:2102:14:  [1] (buffer) getc:
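  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  Triage note: read_config_lex.c and read_config_yy.c look like flex/bison
  output (yyin, yyvsp, yy_scan_bytes), so hits in scanner or parser
  boilerplate are not fixable in place; the strncpy and strlen hits that sit
  in grammar actions should be reviewed and fixed in the grammar source.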
			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/conntrack-tools-1.4.6/src/read_config_lex.c:3507:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return yy_scan_bytes(yystr,(int) strlen(yystr) );
data/conntrack-tools-1.4.6/src/read_config_yy.c:1261:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/conntrack-tools-1.4.6/src/read_config_yy.c:1759:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(conf.logfile, DEFAULT_LOGFILE, FILENAME_MAXLEN);
data/conntrack-tools-1.4.6/src/read_config_yy.c:1774:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen((yyvsp[0].string)) > FILENAME_MAXLEN) {
data/conntrack-tools-1.4.6/src/read_config_yy.c:1841:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen((yyvsp[0].string)) > FILENAME_MAXLEN) {
data/conntrack-tools-1.4.6/src/read_config_yy.c:2030:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(conf.channel[conf.channel_num].channel_ifname, (yyvsp[0].string), IFNAMSIZ);
data/conntrack-tools-1.4.6/src/read_config_yy.c:2214:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(conf.channel[conf.channel_num].channel_ifname, (yyvsp[0].string), IFNAMSIZ);
data/conntrack-tools-1.4.6/src/read_config_yy.c:2398:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(conf.channel[conf.channel_num].channel_ifname, (yyvsp[0].string), IFNAMSIZ);
data/conntrack-tools-1.4.6/src/read_config_yy.c:2486:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen((yyvsp[0].string)) > UNIX_PATH_MAX) {
data/conntrack-tools-1.4.6/src/read_config_yy.c:3240:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(conf.stats.logfile, DEFAULT_STATS_LOGFILE, FILENAME_MAXLEN);
data/conntrack-tools-1.4.6/src/read_config_yy.c:3255:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen((yyvsp[0].string)) > FILENAME_MAXLEN) {
data/conntrack-tools-1.4.6/src/read_config_yy.c:3478:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen((yyvsp[-3].string)) > CTD_HELPER_NAME_LEN) {
data/conntrack-tools-1.4.6/src/read_config_yy.c:3843:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(CONFIG(lockfile), DEFAULT_LOCKFILE, FILENAME_MAXLEN);
data/conntrack-tools-1.4.6/src/run.c:193:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if (read(fd, &type, sizeof(type)) <= 0) {
data/conntrack-tools-1.4.6/src/utils.c:88:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		srclen = strlen(src);
data/conntrack-tools-1.4.6/src/utils.c:146:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		srclen = strlen(src);
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:52:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			tmp[strlen(CT_PROG)] = ' ';
data/conntrack-tools-1.4.6/tests/conntrack/test-conntrack.c:68:17:  [1] (buffer) strlen:
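  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Triage note: the strcpy on the line below matters more than the strlen. It
  writes buf at an offset inside tmp, and the declarations reported above
  (lines 26 and 51 of this file) give both arrays 1024 bytes, so, if that is
  the same buf, a full-length line would not fit. Bounding the copy with
  snprintf and the space remaining in tmp removes that dependency.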
			strcpy(tmp + strlen(CT_PROG) + 1, buf);

ANALYSIS SUMMARY:

Hits = 355
Lines analyzed = 33224 in approximately 0.89 seconds (37502 lines/second)
Physical Source Lines of Code (SLOC) = 25424
Hits@level = [0] 206 [1]  86 [2] 242 [3]   7 [4]  20 [5]   0
Hits@level+ = [0+] 561 [1+] 355 [2+] 269 [3+]  27 [4+]  20 [5+]   0
Hits/KSLOC@level+ = [0+] 22.0658 [1+] 13.9632 [2+] 10.5806 [3+] 1.06199 [4+] 0.786658 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.