Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dlt-daemon-2.18.5/doc/mainpage.h
Examining data/dlt-daemon-2.18.5/examples/example1/example1.c
Examining data/dlt-daemon-2.18.5/examples/example2/dlt_id.h
Examining data/dlt-daemon-2.18.5/examples/example2/example2.c
Examining data/dlt-daemon-2.18.5/examples/example3/dlt_id.h
Examining data/dlt-daemon-2.18.5/examples/example3/example3.c
Examining data/dlt-daemon-2.18.5/examples/example4/example4.c
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/codegear/gtest_all.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/codegear/gtest_link.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest_main.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-death-test.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-message.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-param-test.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-printers.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-spi.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-test-part.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest-typed-test.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest_pred_impl.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest_prod.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-death-test-internal.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-filepath.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-internal.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-linked_ptr.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-param-util-generated.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-param-util.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-string.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-tuple.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-type-util.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/prime_tables.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample1.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample1.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample10_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample1_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample3-inl.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample3_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample4.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample4.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample4_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample5_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample6_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample7_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample8_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample9_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-all.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-death-test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-filepath.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-internal-inl.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-printers.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-test-part.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-typed-test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest_main.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-death-test_ex_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-death-test_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-filepath_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-linked_ptr_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-listener_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-message_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-options_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-param-test2_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-param-test_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-param-test_test.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-port_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-printers_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-test-part_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-tuple_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-typed-test2_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-typed-test_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-typed-test_test.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-unittest-api_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_all_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_break_on_failure_unittest_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_catch_exceptions_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_color_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_env_var_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_environment_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_filter_unittest_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_help_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_list_tests_unittest_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_main_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_no_test_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_output_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_pred_impl_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_premature_exit_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_prod_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_repeat_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_shuffle_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_sole_header_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_stress_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_throw_on_failure_ex_test.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_throw_on_failure_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_uninitialized_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_xml_outfile1_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_xml_outfile2_test_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_xml_output_unittest_.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/production.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/test/production.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/xcode/Samples/FrameworkSample/widget.cc
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/xcode/Samples/FrameworkSample/widget.h
Examining data/dlt-daemon-2.18.5/gtest-1.7.0/xcode/Samples/FrameworkSample/widget_test.cc
Examining data/dlt-daemon-2.18.5/include/dlt/dlt.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_client.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_common.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_common_api.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_cpp_extension.hpp
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_filetransfer.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_offline_trace.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_protocol.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_shm.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_types.h
Examining data/dlt-daemon-2.18.5/include/dlt/dlt_user_macros.h
Examining data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c
Examining data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c
Examining data/dlt-daemon-2.18.5/src/android/dlt-logd-converter.cpp
Examining data/dlt-daemon-2.18.5/src/console/dlt-control-common.c
Examining data/dlt-daemon-2.18.5/src/console/dlt-control-common.h
Examining data/dlt-daemon-2.18.5/src/console/dlt-control.c
Examining data/dlt-daemon-2.18.5/src/console/dlt-convert.c
Examining data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c
Examining data/dlt-daemon-2.18.5/src/console/dlt-receive.c
Examining data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.h
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.h
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-list.c
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-list.h
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-prop.h
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-udev.c
Examining data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-udev.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city-test.cc
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city_c.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city_c.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/citycrc_c.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_coredump.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_cpuinfo.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_definitions.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_streamer.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_streamer.h
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/i686/dlt_cdh_cpuinfo.c
Examining data/dlt-daemon-2.18.5/src/core_dump_handler/x86_64/dlt_cdh_cpuinfo.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt-daemon_cfg.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common_cfg.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_connection.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_connection.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_connection_types.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_event_handler.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_event_handler.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_event_handler_types.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage_internal.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_serial.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_serial.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_socket.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_socket.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_unix_socket.c
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_unix_socket.h
Examining data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_common_socket.h
Examining data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.c
Examining data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.h
Examining data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c
Examining data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c
Examining data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.c
Examining data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.h
Examining data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-slogger2-adapter.cpp
Examining data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c
Examining data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.h
Examining data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c
Examining data/dlt-daemon-2.18.5/src/examples/dlt-example-multicast-clientmsg-view.c
Examining data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c
Examining data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c
Examining data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c
Examining data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c
Examining data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.h
Examining data/dlt-daemon-2.18.5/src/gateway/dlt_gateway_internal.h
Examining data/dlt-daemon-2.18.5/src/gateway/dlt_gateway_types.h
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.h
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.h
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process-list.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process-list.h
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.h
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi.c
Examining data/dlt-daemon-2.18.5/src/kpi/dlt-kpi.h
Examining data/dlt-daemon-2.18.5/src/lib/dlt_client.c
Examining data/dlt-daemon-2.18.5/src/lib/dlt_client_cfg.h
Examining data/dlt-daemon-2.18.5/src/lib/dlt_env_ll.c
Examining data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c
Examining data/dlt-daemon-2.18.5/src/lib/dlt_user.c
Examining data/dlt-daemon-2.18.5/src/lib/dlt_user_cfg.h
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.h
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior_internal.h
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_internal.h
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.h
Examining data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_common.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_common_cfg.h
Examining data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.h
Examining data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_protocol.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_shm.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.c
Examining data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h
Examining data/dlt-daemon-2.18.5/src/shared/dlt_user_shared_cfg.h
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-logfile.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-options.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-process-handling.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-shell.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-syslog.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system-watchdog.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system.c
Examining data/dlt-daemon-2.18.5/src/system/dlt-system.h
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-filetransfer.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-fork-handler.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-init-free.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.h
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c
Examining data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c
Examining data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.h
Examining data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c
Examining data/dlt-daemon-2.18.5/tests/dlt-test-cpp-extension.cpp
Examining data/dlt-daemon-2.18.5/tests/dlt-test-preregister-context.c
Examining data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp
Examining data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_event_handler.cpp
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_shm.cpp
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp
Examining data/dlt-daemon-2.18.5/tests/mod_system_logger/mod_system_logger.c
Examining data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp
FINAL RESULTS:
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:58:9: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(l_exe_link, g_buffer, p_exec_name_maxsize) < 0)
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:295:22: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
l_size = readlink(l_fullpath, l_linkpath, sizeof(l_linkpath));
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:751:11: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(dir,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1201:19: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
ret = chown(tmpFifo, -1, group_dlt->gr_gid);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:300:15: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(dlt_user_dir,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:322:11: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(filename, S_IRUSR | S_IWUSR | S_IWGRP | S_IRGRP);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1679:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(filename, S_IRUSR | S_IWUSR | S_IWGRP | S_IRGRP);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:1623:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define vsnprintf _vsnprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:4119:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:4138:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:4145:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2868:20: [4] (buffer) StrNCpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
inline const char* StrNCpy(char* dest, const char* src, size_t n) {
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2940:26: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define GTEST_SNPRINTF_ _snprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2942:26: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define GTEST_SNPRINTF_ snprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:8322:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(\
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-death-test-internal.h:165:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(\
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1761:20: [4] (buffer) StrNCpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
inline const char* StrNCpy(char* dest, const char* src, size_t n) {
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1833:26: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define GTEST_SNPRINTF_ _snprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1835:26: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define GTEST_SNPRINTF_ snprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:139:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define vsnprintf _vsnprintf
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:2635:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:2654:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:2661:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-death-test_test.cc:1295:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-death-test_test.cc:1305:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, InDeathTestChild() ? "Inside" : "Outside");
data/dlt-daemon-2.18.5/src/console/dlt-control-common.h:45:8: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
({ fprintf(PRINT_OUT, pr_fmt(fmt), ## __VA_ARGS__); fflush(PRINT_OUT); })
data/dlt-daemon-2.18.5/src/console/dlt-control-common.h:47:31: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
({ if (get_verbosity()) { fprintf(PRINT_OUT, pr_fmt(fmt), ## __VA_ARGS__); fflush(PRINT_OUT); } })
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:374:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
syserr = system(command);
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:108:9: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(msg, args);
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c:240:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(mnt_point, W_OK) == 0)
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:317:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_src_filename, sizeof(l_src_filename), patterns[pattern_num],
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:320:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_dst_filename, sizeof(l_dst_filename), patterns[pattern_num],
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:402:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_lockfilepath, sizeof(l_lockfilepath), patterns[pattern_num],
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:343:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_outfilename, sizeof(l_outfilename), CONTEXT_FILE_PATTERN,
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:355:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_procfile, sizeof(l_procfile), "/proc/%d/"x, \
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_coredump.c:126:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(l_dst_filename, sizeof(l_dst_filename), CORE_FILE_PATTERN,
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:177:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(crashid_file, "%" PRIx64, *(uint64_t *)p_proc->m_crashid);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:167:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(daemon->runtime_application_cfg, DLT_RUNTIME_APPLICATION_CFG); /* strcat uncritical here, because max length already checked */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:180:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(daemon->runtime_context_cfg, DLT_RUNTIME_CONTEXT_CFG); /* strcat uncritical here, because max length already checked */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:193:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(daemon->runtime_configuration, DLT_RUNTIME_CONFIGURATION); /* strcat uncritical here, because max length already checked */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:83:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->BusType, optarg); /* strcpy uncritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:90:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->ApplicationId, optarg); /* strcpy uncritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:97:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->ConfigurationFileName, optarg); /* strcpy uncritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:175:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filter, filterBegin + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:203:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->ApplicationId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:210:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->DBus.ContextId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:217:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->DBus.BusType, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:225:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->DBus.FilterMatch[config->DBus.FilterCount], filter);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:174:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->configurationFileName, optarg);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:280:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->applicationId, value);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:290:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->applicationContextId, value);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:305:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->qnxslogger2.contextId, value);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:79:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->configurationFileName, optarg); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:66:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(log_file_name, name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:85:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(log_file_name, file_index);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:107:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(log_file_name, stamp);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:428:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, storage_path);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:429:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, file_name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:447:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, storage_path);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:448:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, (*newest)->name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:487:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, storage_path);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:488:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, file_name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:519:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, storage_path);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:520:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(absolute_file_path, (*head)->name);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:400:13: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(handle, "%s", str1) != 1)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:415:13: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(handle, "%s", str1) != 1)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1786:19: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfprintf(stdout, format, args);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1789:19: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfprintf(stderr, format, args);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1820:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stdout, sFormatString,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1830:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, sFormatString,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1841:9: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
syslog(prio,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1855:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(logging_handle, sFormatString, (unsigned int)sTimeSpec.tv_sec,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1882:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(outputString, 2047, format, args);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1906:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(outputString, size, format, args);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3316:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(binary, (i == (value8u & i)) ? "1" : "0");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3335:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(binary, (i == (value16u & i)) ? "1" : "0");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3553:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(text, textlength, "%" PRId64, value64i);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3568:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(text, textlength, "%" PRIu64, value64u);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:351:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access(trace->directory, W_OK) != 0)
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:172:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(timestamp->real, sizeof(timestamp->real), "%s.%06" PRIu64, buffer_realtime_formatted,
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:195:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(timestamp->monotonic,
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:107:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(options->ConfigurationFileName, optarg); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:245:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->ApplicationId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:263:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->Syslog.ContextId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:279:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->Journal.ContextId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:307:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->Filetransfer.ContextId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:325:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->Filetransfer.TempDir, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:331:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->Filetransfer.Directory[config->Filetransfer.Count], value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:362:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->LogFile.Filename[config->LogFile.Count], value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:376:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->LogFile.ContextId[config->LogFile.Count], value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:399:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->LogProcesses.ContextId, value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:405:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->LogProcesses.Name[config->LogProcesses.Count], value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:411:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config->LogProcesses.Filename[config->LogProcesses.Count], value); /* strcpy unritical here, because size matches exactly the size to be copied */
data/dlt-daemon-2.18.5/src/system/dlt-system-shell.c:93:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((syserr = system(text)) != 0)
data/dlt-daemon-2.18.5/src/tests/dlt-test-fork-handler.c:59:13: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execlp("dlt-example-user", "dlt-example-user", "-n 1",
data/dlt-daemon-2.18.5/src/tests/dlt-test-init-free.c:113:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(cmd, "r")) == NULL)
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.h:72:55: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1568:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1610:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1638:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1660:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1693:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1755:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1792:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1793:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1843:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1905:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1943:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1944:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1994:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2056:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2094:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2095:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2145:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2207:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2245:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2246:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2295:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2357:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2394:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2395:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2446:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2447:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2515:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2516:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfilter, "%s/testfilter.txt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2544:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2617:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2682:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2735:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2890:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3133:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3188:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3339:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3408:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3456:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3484:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3576:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(openfile, "%s/testfile.dlt", pwd);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:712:37: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void ShuffleRange(internal::Random* random, int begin, int end,
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:733:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline void Shuffle(internal::Random* random, std::vector<E>* v) {
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:734:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random, 0, static_cast<int>(v->size()), v);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:1202:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
internal::Random* random() { return &random_; }
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:3947:47: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void TestCase::ShuffleTests(internal::Random* random) {
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:3948:11: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Shuffle(random, &test_indices_);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:5777:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random()->Reseed(random_seed_);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:6087:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random(), 0, last_death_test_case_ + 1, &test_case_indices_);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:6090:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random(), last_death_test_case_ + 1,
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:6095:34: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
test_cases_[i]->ShuffleTests(random());
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2906:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* const env = getenv(name);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2909:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
return getenv(name);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:18306:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void ShuffleTests(internal::Random* random);
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/gtest.h:893:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void ShuffleTests(internal::Random* random);
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1799:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* const env = getenv(name);
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1802:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
return getenv(name);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-internal-inl.h:311:37: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void ShuffleRange(internal::Random* random, int begin, int end,
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-internal-inl.h:332:39: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline void Shuffle(internal::Random* random, std::vector<E>* v) {
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-internal-inl.h:333:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random, 0, static_cast<int>(v->size()), v);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-internal-inl.h:801:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
internal::Random* random() { return &random_; }
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:2463:47: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void TestCase::ShuffleTests(internal::Random* random) {
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:2464:11: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Shuffle(random, &test_indices_);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:4293:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random()->Reseed(random_seed_);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:4603:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random(), 0, last_death_test_case_ + 1, &test_case_indices_);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:4606:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(random(), last_death_test_case_ + 1,
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:4611:34: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
test_cases_[i]->ShuffleTests(random());
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:426:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("TZ"))
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:427:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
saved_tz_ = strdup(getenv("TZ"));
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:430:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("TZ"))
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:431:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
saved_tz_ = strdup(getenv("TZ"));
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:720:29: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
testing::internal::Random random(42);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:722:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random.Generate(0),
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:725:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random.Generate(testing::internal::Random::kMaxRange + 1),
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:732:29: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
testing::internal::Random random(12345);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:734:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
EXPECT_LT(random.Generate(kRange), kRange) << " for iteration " << i;
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:749:29: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
testing::internal::Random random(kSeed);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:751:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
values[i] = random.Generate(kRange);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:754:3: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random.Reseed(kSeed);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:756:26: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
EXPECT_EQ(values[i], random.Generate(kRange)) << " for iteration " << i;
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:821:29: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
testing::internal::Random random(1);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:824:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(&random, -1, 1, &a),
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:827:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(&random, 4, 4, &a),
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:830:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(&random, 3, 2, &a),
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:833:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ShuffleRange(&random, 3, 4, &a),
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:98:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "a:c:bht:v:")) != -1)
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:111:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "a:c:hp:v:")) != -1)
data/dlt-daemon-2.18.5/src/console/dlt-control.c:314:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vhye:b:a:c:s:m:x:t:l:r:d:f:i:ogjku")) != -1)
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:232:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vcashxmwtf:b:e:o:")) != -1) {
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:341:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "c:hn:stv")) != -1)
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:316:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vashyxmf:o:e:b:c:")) != -1)
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:250:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vchf:b:e:")) != -1) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:438:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:158:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "hdc:t:s:p:")) != -1)
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:161:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "hdc:t:p:")) != -1)
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:867:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *watchdogUSec = getenv("WATCHDOG_USEC");
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:72:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "c:b:a:hd")) != -1)
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:158:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "c:hd")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c:119:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "idf:t:a:c:h")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:120:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vgcd:n:z:s:")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:123:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vgd:n:")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c:123:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vgad:f:n:")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:150:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vgakcd:f:n:m:z:r:s:l:t:")) != -1)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:153:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vgakd:f:n:m:l:r:t:")) != -1)
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:70:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "c:h")) != -1)
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:136:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_daemon_port = getenv(DLT_CLIENT_ENV_DAEMON_TCP_PORT);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:578:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv(DLT_USER_ENV_DISABLE_EXTENDED_HEADER_FOR_NONVERBOSE);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:606:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_local_print = getenv(DLT_USER_ENV_LOCAL_PRINT_MODE);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:617:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_initial_log_level = getenv("DLT_INITIAL_LOG_LEVEL");
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:623:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv("DLT_INITIAL_LOG_LEVEL"));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:633:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_buffer_min = getenv(DLT_USER_ENV_BUFFER_MIN_SIZE);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:634:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_buffer_max = getenv(DLT_USER_ENV_BUFFER_MAX_SIZE);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:635:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_buffer_step = getenv(DLT_USER_ENV_BUFFER_STEP_SIZE);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:672:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_log_buffer_len = getenv(DLT_USER_ENV_LOG_MSG_BUF_LEN);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3780:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_log_filename = getenv("DLT_LOG_FILENAME");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3785:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_log_level_str = getenv("DLT_LOG_LEVEL");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3794:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_log_mode = getenv("DLT_LOG_MODE");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3804:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *env_pipe_dir = getenv("DLT_PIPE_DIR");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3813:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char* env_shm_name = getenv("DLT_SHM_NAME");
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:96:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "c:hd")) != -1)
data/dlt-daemon-2.18.5/src/system/dlt-system-watchdog.c:120:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
watchdogUSec = getenv("WATCHDOG_USEC");
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:182:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vashyxmf:o:e:b:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-filetransfer.c:406:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "ht:i:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:124:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "m:yb:vo:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:149:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "m:p:t:l:d:f:g")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:390:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(getpid());
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:384:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "ailrho:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:202:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vashyxmf:o:e:b:n:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:133:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vf:n:r:d:s:")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:143:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vf:123")) != -1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:158:39: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_manual_interruption = getenv("DLT_TEST_MANUAL_INTERRUPTION");
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:291:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:192:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vf:n:")) != -1)
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:78:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv("LISTEN_PID"))) {
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:102:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv("LISTEN_FDS"))) {
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:437:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv("NOTIFY_SOCKET")))
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:153:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt (argc, argv, "vshyfla:o:e:b:")) != -1)
data/dlt-daemon-2.18.5/examples/example4/example4.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[256];
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2328:7: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, ansi, length,
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2331:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, ansi, length,
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2841:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_text[kBufSize] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2925:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[5]; // Big enough for the largest valid code point.
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:6808:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:7224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char executable_path[_MAX_PATH + 1]; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:7503:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int cwd_fd = open(".", O_RDONLY);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:7941:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[GTEST_PATH_MAX_ + 1] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:7944:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[GTEST_PATH_MAX_ + 1] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8321:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open("/proc/self/as", O_RDONLY);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8651:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, regex, len);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_dir_path[MAX_PATH + 1] = { '\0' }; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_file_path[MAX_PATH + 1] = { '\0' }; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8766:29: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int captured_fd = mkstemp(name_template);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:9074:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[5] = "";
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2880:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(path, mode);
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1773:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(path, mode);
data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2.cc:44:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clone, a_c_string, len + 1);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-death-test.cc:314:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-death-test.cc:730:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char executable_path[_MAX_PATH + 1]; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-death-test.cc:1009:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int cwd_fd = open(".", O_RDONLY);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-filepath.cc:107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[GTEST_PATH_MAX_ + 1] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-filepath.cc:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[GTEST_PATH_MAX_ + 1] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:111:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int fd = open("/proc/self/as", O_RDONLY);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:441:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, regex, len);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_dir_path[MAX_PATH + 1] = { '\0' }; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:519:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_file_path[MAX_PATH + 1] = { '\0' }; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:556:29: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
const int captured_fd = mkstemp(name_template);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-printers.cc:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[5] = "";
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:844:7: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, ansi, length,
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:847:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, ansi, length,
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:1357:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_text[kBufSize] = { '\0' };
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:1441:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[5]; // Big enough for the largest valid code point.
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-filepath_test.cc:371:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_drive[_MAX_PATH]; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-filepath_test.cc:388:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char non_drive[_MAX_PATH]; // NOLINT
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-printers_test.cc:127:32: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
UnprintableInFoo() : z_(0) { memcpy(xy_, "\xEF\x12\x0\x0\x34\xAB\x0\x0", 8); }
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-printers_test.cc:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xy_[8];
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-printers_test.cc:1062:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char array[257];
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:7301:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char a[3] = "hi";
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest_unittest.cc:7385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char a[2][3] = { "hi", "lo" };
data/dlt-daemon-2.18.5/gtest-1.7.0/xcode/Samples/FrameworkSample/widget_test.cc:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[max_size];
data/dlt-daemon-2.18.5/include/dlt/dlt_client.h:95:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4]; /**< ECUiD */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:304:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy(dst, src, DLT_ID_SIZE); src += DLT_ID_SIZE; length -= DLT_ID_SIZE; } \
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:315:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, length); \
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:411:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char dltSerialHeader[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:416:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dltSerialHeaderChar[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:422:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dltFifoBaseDir[DLT_PATH_MAX];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:429:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char dltShmName[NAME_MAX + 1];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:435:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char ID4[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[DLT_ID_SIZE]; /**< This pattern should be DLT0x01 */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:445:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecu[DLT_ID_SIZE]; /**< The ECU id is added, if it is not already in the DLT message itself */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:463:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecu[DLT_ID_SIZE]; /**< ECU id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:476:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:516:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:517:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:530:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context_id[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:539:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char app_id[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:557:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:567:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:598:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:608:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char com[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:653:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:655:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comid[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:666:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comid[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mount_point[DLT_MOUNT_PATH_MAX]; /**< storage device mount point */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:697:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comid[DLT_ID_SIZE]; /**< communication interface */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:704:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE]; /**< passive node ID */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:716:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ENTRY_MAX]; /**< list of passive node IDs */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:726:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_FILTER_MAX][DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_FILTER_MAX][DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[4];
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:811:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[DLT_IP_SIZE];
data/dlt-daemon-2.18.5/include/dlt/dlt_offline_trace.h:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char directory[NAME_MAX + 1];/**< (String) Store DLT messages to local directory */
data/dlt-daemon-2.18.5/include/dlt/dlt_offline_trace.h:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[NAME_MAX + 1]; /**< (String) Filename of currently used log file */
data/dlt-daemon-2.18.5/include/dlt/dlt_shm.h:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[4];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[MAXSTRLEN];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-stdin.c:117:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(optarg);
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recv_data[MAXSTRLEN];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:101:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/adaptor/dlt-adaptor-udp.c:142:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:90:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char local_ecuid[DLT_CTRL_ECUID_LEN]; /* Name of ECU */
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[DLT_LINE_LEN - 1] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[DLT_LINE_LEN] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_LINE_LEN] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:164:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:193:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*config_data,
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:392:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->databuffer, data->data, data->size);
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:490:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_RECEIVE_BUFSIZE] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4];
data/dlt-daemon-2.18.5/src/console/dlt-control.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/console/dlt-control.c:168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-control.c:338:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.bvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:366:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.svalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:381:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.tvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:408:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.dvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:413:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.fvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:418:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.ivalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:730:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char resp_text[DLT_RECEIVE_BUFSIZE];
data/dlt-daemon-2.18.5/src/console/dlt-control.c:828:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp->payload, message->databuffer +
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[DLT_CONVERT_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_filename[FILENAME_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_CONVERT_TEXTBUFSIZE] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:219:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[COMMAND_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_filename[FILENAME_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:334:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ohandle = open(ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:410:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
begin = atoi(bvalue);
data/dlt-daemon-2.18.5/src/console/dlt-convert.c:415:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = atoi(evalue);
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE]; /**< node identifier */
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_ok[MAX_RESPONSE_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:240:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(serv->node_id, ecuid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4];
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:218:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:242:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int cur = atoi(&inner.gl_pathv[i][strlen(dltdata->ovaluebase) + 1]);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:255:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:272:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dltdata->ohandle = open(dltdata->ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:374:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dltdata.ovaluebase, dltdata.ovalue, to_copy);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:384:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.bvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:489:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dltdata.ohandle = open(dltdata.ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:530:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_RECEIVE_BUFSIZE];
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:97:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char snow[50];
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[DLT_VERBUFSIZE];
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:339:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ohandle = open(ovalue, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:369:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
begin = atoi(bvalue);
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:374:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = atoi(evalue);
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:449:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*) &temp_timestamp_index[i],
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_path[DLT_MOUNT_PATH_MAX]; /**< Default Mount path */
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_ok[MAX_RESPONSE_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_warning[MAX_RESPONSE_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:158:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_perm_denied[MAX_RESPONSE_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-list.c:174:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr->mnt_point, path, path_len);
data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city-test.cc:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char data[kDataSize];
data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city-test.cc:52:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + i, &u, 1); // uint8 -> char
data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city_c.c:502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[240];
data/dlt-daemon-2.18.5/src/core_dump_handler/cityhash_c/city_c.c:503:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, s, len);
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfilepath[CORE_MAX_FILENAME_LENGTH];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:204:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filepath[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:304:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_src_filename[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_dst_filename[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:393:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_lockfilepath[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:414:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd_lockfile = open(l_lockfilepath, O_CREAT | O_WRONLY | O_TRUNC, S_IRUSR | S_IWUSR)) >= 0) {
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.h:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PROC_NAME_LENGTH];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.h:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char threadname[MAX_PROC_NAME_LENGTH];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.h:83:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char m_crashid[CRASH_ID_LEN];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:37:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char g_buffer[4096];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_exe_link[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:90:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((l_fin = fopen(p_src_filename, "rt")) == NULL) {
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:250:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_fullpath[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:251:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_linkpath[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:252:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_modebuf[12] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:337:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_procfile[256] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_outfilename[CORE_MAX_FILENAME_LENGTH] = { 0 };
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:349:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((l_fout = fopen(l_outfilename, "w+t")) == NULL) {
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_coredump.c:124:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_dst_filename[CORE_MAX_FILENAME_LENGTH];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cityhash_in[CRASHID_BUF_SIZE];
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:112:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cityhash_in, p_proc->name, MAX_PROC_NAME_LENGTH);
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:113:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cityhash_in + MAX_PROC_NAME_LENGTH, &p_proc->m_crashid_phase1, sizeof(uint64_t));
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_proc->m_crashid, &cityhash_result, sizeof(uint64_t));
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:152:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_proc->m_crashid, &p_proc->m_crashid_phase1, sizeof(uint64_t));
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_crashid.c:172:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((crashid_file = fopen(CRASHID_FILE, "wt")) == NULL) {
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_streamer.c:68:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((p_fs->stream = fopen(p_src_fname, "rb")) == NULL) {
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[DLT_DAEMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:191:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.port = atoi(optarg);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[value_length - 1];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[value_length];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[value_length];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:333:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen (filename, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:363:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.vflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:368:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.aflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:373:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.xflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:378:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.sflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:383:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.lflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:388:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.rflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:393:76: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.autoResponseGetLogInfoOption = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:398:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.sendMessageTime = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:403:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.mflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:408:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.nflag = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:437:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.loggingMode = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:442:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.loggingLevel = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:455:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->timeoutOnSend = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:476:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.sharedMemorySize = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:489:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.offlineTraceFileSize = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:494:67: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.offlineTraceMaxSize = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:499:82: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.offlineTraceFilenameTimestampBased = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:504:70: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.sendECUSoftwareVersion = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:517:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.sendTimezone = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:522:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.offlineLogstorageMaxDevices = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:533:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(value) == 0)
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:544:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.offlineLogstorageMaxCounter = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:550:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(unsigned int)atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:567:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_local->flags.gatewayMode = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:583:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int const intval = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:599:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int const intval = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:615:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int const intval = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:773:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[DLT_DAEMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:873:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
watchdogTimeoutSeconds = atoi(watchdogUSec) / 2000000;
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1125:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(daemon_local->flags.yvalue, O_RDWR);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1139:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
speed = atoi(daemon_local->flags.bvalue);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1221:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tmpFifo, O_RDWR);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1399:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(daemon_local->flags.pathToECUSoftwareVersion, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1520:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[DLT_PATH_MAX] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1592:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/null", O_RDWR);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1687:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)(msg.databuffer + msg.datasize), (uint8_t *)(&uiType), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1689:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)(msg.databuffer + msg.datasize), (uint8_t *)(&uiSize), sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1691:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)(msg.databuffer + msg.datasize), str, uiSize);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[DLT_DAEMON_DESCSIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2361:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(description, "Unknown", sizeof("Unknown"));
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2403:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[DLT_DAEMON_DESCSIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2470:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(description, "Unknown", sizeof("Unknown"));
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2540:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2699:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:2764:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:3084:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dlt_timer_conn_types[DLT_TIMER_UNKNOWN + 1] = {
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:3094:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dlt_timer_names[DLT_TIMER_UNKNOWN + 1][32] = {
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:3169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_str[DLT_DAEMON_TEXTBUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char evalue[NAME_MAX + 1]; /**< (String: ECU ID) Set ECU ID (Default: ECU1) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bvalue[NAME_MAX + 1]; /**< (String: Baudrate) Serial device baudrate (Default: 115200) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yvalue[NAME_MAX + 1]; /**< (String: Devicename) Additional support for serial device */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ivalue[NAME_MAX + 1]; /**< (String: Directory) Directory where to store the persistant configuration (Default: /tmp) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvalue[NAME_MAX + 1]; /**< (String: Directory) Filename of DLT configuration file (Default: /etc/dlt.conf) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offlineTraceDirectory[DLT_DAEMON_FLAG_MAX]; /**< (String: Directory) Store DLT messages to local directory (Default: /etc/dlt.conf) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loggingFilename[DLT_DAEMON_FLAG_MAX]; /**< (String: Filename) The logging filename if internal logging mode is log to file (Default: /tmp/log) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathToECUSoftwareVersion[DLT_DAEMON_FLAG_MAX]; /**< (String: Filename) The file from which to read the ECU version from. */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offlineLogstorageDirPath[DLT_MOUNT_PATH_MAX]; /**< (String: Directory) DIR path to store offline logs */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appSockPath[DLT_DAEMON_FLAG_MAX]; /**< Path to User socket */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userPipesDir[DLT_PATH_MAX]; /**< (String: Directory) directory where dltpipes reside (Default: /tmp/dltpipes) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char daemonFifoName[DLT_PATH_MAX]; /**< (String: Filename) name of local fifo (Default: /tmp/dlt) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char daemonFifoGroup[DLT_PATH_MAX]; /**< (String: Group name) Owner group of local fifo (Default: Primary Group) */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltShmName[NAME_MAX + 1]; /**< Shared memory name */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctrlSockPath[DLT_DAEMON_FLAG_MAX]; /**< Path to Control socket */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gatewayConfigFile[DLT_DAEMON_FLAG_MAX]; /**< Gateway config file path */
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.h:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char UDPMulticastIPAddress[MULTICASTIP_MAX_SIZE]; /* multicast ip addres */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:311:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:779:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + msg.datasize - len, daemon->ECUVersionString, len);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:858:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1051:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer, &sid, sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1056:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &value, sizeof(int8_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1062:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &count_app_ids, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1106:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &count_con_ids, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1140:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &ll, sizeof(int8_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1147:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &ts, sizeof(int8_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1155:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &len, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1157:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, context->context_description,
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1163:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &len, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1183:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &len, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1185:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, application->application_description,
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1191:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp.databuffer + offset, &len, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1532:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE], ctid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1613:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(userbuffer, ptr, data_length_inject); /* Copy received injection to send buffer */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1684:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_str[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1857:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_str[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1901:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE + 1] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2716:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&resp->node_id[i * DLT_ID_SIZE], con->ecuid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[DLT_DAEMON_COMMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:444:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user_list->applications,
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:482:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(application->application_description, description, strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:519:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dlt_user_handle = open(filename, O_WRONLY | O_NONBLOCK);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:639:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DLT_DAEMON_COMMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:648:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:732:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1]; /* DLT_ID_SIZE+1, because the 0-termination is required here */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:748:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "w");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:844:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user_list->contexts,
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:871:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->context_description, description, strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1075:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DLT_DAEMON_COMMON_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1085:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1], ctid[DLT_ID_SIZE + 1]; /* DLT_ID_SIZE+1, because the 0-termination is required here */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1203:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "w");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1244:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "w");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[1024];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1269:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen (filename, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1299:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon->mode = atoi(value);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1441:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1449:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(filename1, "r");
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecu[DLT_ID_SIZE]; /**< ECU ID of where contexts are registered */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[DLT_ID_SIZE]; /**< ECU ID of daemon */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char runtime_application_cfg[PATH_MAX + 1]; /**< Path and filename of persistent application configuration. Set to path max, as it specifies a full path*/
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char runtime_context_cfg[PATH_MAX + 1]; /**< Path and filename of persistent context configuration */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.h:186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char runtime_configuration[PATH_MAX + 1]; /**< Path and filename of persistent configuration */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:52:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ecuid, key, (len - 2));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:53:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:54:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:80:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:105:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:187:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:231:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apid, ".*", 2);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:552:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_id[DLT_ID_SIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:691:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:692:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[DLT_ID_SIZE + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:878:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.c:70:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&g_udpmulticast_addr.clientaddr, &clientaddr, sizeof(struct sockaddr_in));
data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portnumbuffer[SOCKPORT_MAX_LEN] = { 0 };
data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.c:234:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, data1, size1);
data/dlt-daemon-2.18.5/src/daemon/udp_connection/dlt_daemon_udp_socket.c:235:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + size1, data2, size2);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:144:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(file_name, "r");
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dbus_message_buffer[DBUS_MAXIMUM_MESSAGE_LENGTH];
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.c:120:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = (DBusBusType)atoi(options.BusType);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.c:122:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = (DBusBusType)atoi(config.DBus.BusType);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus.h:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *FilterMatch[DLT_DBUS_FILTER_MAX];
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:224:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(file_name, "r");
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:295:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->qnxslogger2.enable = atoi(value);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:309:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->qnxslogger2.useOriginalTimestamp = atoi(value);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:355:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/null", O_RDWR);
data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/examples/dlt-example-filetransfer.c:179:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(tvalue);
data/dlt-daemon-2.18.5/src/examples/dlt-example-multicast-clientmsg-view.c:97:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_RECEIVE_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:71:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:196:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxnum = atoi(nvalue);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:201:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
delay = atoi(dvalue) * 1000000;
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:220:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dlt_user_test_corrupt_message_size(1, atoi(svalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:223:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
char *buffer = malloc(atoi(zvalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-common-api.c:231:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DLT_LOG2(mycontext, DLT_LOG_WARN, DLT_STRING(text), DLT_RAW(buffer, atoi(zvalue)));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c:203:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxnum = atoi(nvalue);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c:208:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
delay = atoi(dvalue) * 1000000;
data/dlt-daemon-2.18.5/src/examples/dlt-example-user-func.c:275:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:80:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void dlt_user_log_level_changed_callback(char context_id[DLT_ID_SIZE], uint8_t log_level, uint8_t trace_status);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:211:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:221:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:294:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf("Set log mode to %d\n", atoi(mvalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:295:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dlt_set_log_mode(atoi(mvalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:308:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxnum = atoi(nvalue);
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:313:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
delay = atoi(dvalue) * 1000000;
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:318:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dlt_set_resend_timeout_atexit(atoi(tvalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:335:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dlt_user_test_corrupt_message_size(1, atoi(svalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:338:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
char *buffer = malloc(atoi(zvalue));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:346:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DLT_LOG(mycontext1, DLT_LOG_WARN, DLT_STRING(text), DLT_RAW(buffer, atoi(zvalue)));
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:429:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void dlt_user_log_level_changed_callback(char context_id[DLT_ID_SIZE], uint8_t log_level, uint8_t trace_status)
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[5];
data/dlt-daemon-2.18.5/src/examples/dlt-example-user.c:434:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text, context_id, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:714:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char section[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = { '\0' };
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:715:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = { '\0' };
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:1083:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp_text[DLT_RECEIVE_BUFSIZE] = { '\0' };
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:1600:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE],
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:47:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*target, buffer, strlen(buffer) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:59:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:129:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(file_name, "r");
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:242:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_process, original, sizeof(DltKpiProcess));
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:139:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp_port = atoi(env_daemon_port);
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portnumbuffer[33];
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:210:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
client->sock = open(client->serialDevice, O_RDWR);
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:417:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer, payload, size);
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:535:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload, &serviceID, sizeof(serviceID));
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:537:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload + offset, &size, sizeof(size));
data/dlt-daemon-2.18.5/src/lib/dlt_client.c:539:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload + offset, buffer, size);
data/dlt-daemon-2.18.5/src/lib/dlt_env_ll.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[strlen("verbose") + 1];
data/dlt-daemon-2.18.5/src/lib/dlt_env_ll.c:329:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ll_set->item, old_set, sizeof(dlt_env_ll_item) * old_size);
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:74:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:256:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fcreationdate[50];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:321:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creationdate[50];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:457:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fcreationdate[50];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:513:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fcreationdate[50];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:555:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen (filename, "rb");
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:85:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dlt_user_dir[DLT_PATH_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dlt_daemon_fifo[DLT_PATH_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_major_version[DLT_USER_MAX_LIB_VERSION_LENGTH];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lib_minor_version[DLT_USER_MAX_LIB_VERSION_LENGTH];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltSockBaseDir[DLT_IPC_PATH_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[DLT_PATH_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:329:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dlt_user.dlt_user_handle = open(filename, O_RDWR | O_NONBLOCK | O_CLOEXEC);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:338:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dlt_user.dlt_log_handle = open(dlt_daemon_fifo, O_WRONLY | O_NONBLOCK | O_CLOEXEC);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:454:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dlt_user.dlt_log_handle = open(name, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char queue_name[NAME_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:825:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[DLT_PATH_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:946:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char queue_name[NAME_MAX];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1088:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *contextid,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1089:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *description,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1092:88: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void (*dlt_log_level_changed_callback)(char context_id[DLT_ID_SIZE],
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1184:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dlt_user.dlt_ll_ts, old_ll_ts, sizeof(dlt_ll_ts_type) * dlt_user.dlt_ll_ts_num_entries);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1306:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *contextid,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1307:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *description,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1308:82: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void (*dlt_log_level_changed_callback)(char context_id[DLT_ID_SIZE],
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1594:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(log->buffer, &(messageid), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1667:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1672:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(length), sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1675:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, data, length);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1707:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1711:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(float32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1743:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1747:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(float64_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1817:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1821:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint8_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1850:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1854:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1883:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1887:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1916:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1920:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint64_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1961:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1965:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint8_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2006:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2010:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2051:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2055:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2096:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2100:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint64_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2198:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(int8_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2231:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(int16_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2264:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(int32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2297:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2301:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(int64_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2330:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &data, sizeof(uint8_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2467:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(type_info), sizeof(uint32_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, &(arg_size), sizeof(uint16_t));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2478:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, text, length);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2487:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, text, max_payload_str_msg);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2491:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((log->buffer) + log->size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2581:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dlt_user.dlt_ll_ts[i].injection_table, old, sizeof(DltUserInjectionCallback) * j);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2620:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context_id[DLT_ID_SIZE],
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:3046:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thread_data->header, header, header_len);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:3048:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thread_data->payload, payload, payload_len);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:4089:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_USER_TEXT_LENGTH];
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:4241:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(delayed_log_level_changed_callback.contextID,
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:4316:41: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(delayed_inject_buffer, userbuffer, delayed_inject_data_length);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:4515:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(dlt_daemon_fifo, O_WRONLY | O_NONBLOCK);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:151:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*listdata, data, sizeof(DltLogStorageFilterConfig));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:204:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp->key_list, keys, num_keys * DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:497:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_str[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:529:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_str[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_str[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:596:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_str[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:645:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_key[DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1436:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1543:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sec_name[DLT_CONFIG_FILE_ENTRY_MAX_LEN + 1];
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_file_name[PATH_MAX] = {0};
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[DLT_CONFIG_FILE_SECTIONS_MAX][DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN] =
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.h:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_mount_point[DLT_MOUNT_PATH_MAX + 1]; /* Device mount path */
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_index[10] = { '\0' };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:89:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[DLT_OFFLINE_LOGSTORAGE_TIMESTAMP_LEN + 1] = { 0 };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:110:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(log_file_name, ".dlt");
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absolute_file_path[DLT_MOUNT_PATH_MAX + DLT_OFFLINE_LOGSTORAGE_CONFIG_DIR_PATH_LEN + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:385:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char storage_path[DLT_OFFLINE_LOGSTORAGE_CONFIG_DIR_PATH_LEN + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:390:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[DLT_MOUNT_PATH_MAX + 1] = { '\0' };
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:431:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config->log = fopen(absolute_file_path, "a+");
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:461:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config->log = fopen(absolute_file_path, "a+");
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:495:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config->log = fopen(absolute_file_path, "a+");
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1046:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data1, size1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1048:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data2, size2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1050:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data3, size3);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1111:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data1, size1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1113:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data2, size2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:1115:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_write_addr, data3, size3);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:66:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char dltSerialHeader[DLT_ID_SIZE] = { 'D', 'L', 'S', 1 };
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltSerialHeaderChar[DLT_ID_SIZE] = { 'D', 'L', 'S', 1 };
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltFifoBaseDir[DLT_PATH_MAX] = "/tmp";
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltShmName[NAME_MAX + 1] = "/dlt-shm";
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:80:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char logging_filename[NAME_MAX + 1] = "";
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:272:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((((char *)ptr)[num] < DLT_COMMON_ASCII_CHAR_SPACE) || (((char *)ptr)[num] > DLT_COMMON_ASCII_CHAR_TILDE)) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:272:70: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((((char *)ptr)[num] < DLT_COMMON_ASCII_CHAR_SPACE) || (((char *)ptr)[num] > DLT_COMMON_ASCII_CHAR_TILDE)) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:277:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (((char *)ptr)[num] != DLT_COMMON_ASCII_CHAR_LT)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:278:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
snprintf(*text, 2, "%c", ((char *)ptr)[num]);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:382:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[DLT_COMMON_BUFFER_LENGTH];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE], ctid[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:387:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DLT_COMMON_BUFFER_LENGTH];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:454:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle = fopen(filename, "w");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:499:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char empty_ctid[DLT_ID_SIZE] = "";
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:631:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [DLT_COMMON_BUFFER_LENGTH];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:978:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerbuffer + sizeof(DltStorageHeader), buffer, sizeof(DltStandardHeader));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1008:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader),
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1049:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->databuffer, buffer + (msg->headersize - sizeof(DltStorageHeader)), msg->datasize);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1062:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerextra.ecu,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1067:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(msg->headerextra.seid), msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1073:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(msg->headerextra.tmsp), msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1090:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader),
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1096:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1104:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->headerbuffer + sizeof(DltStorageHeader) + sizeof(DltStandardHeader)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dltSerialHeaderBuffer[DLT_ID_SIZE];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1407:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file->handle = fopen(filename, "rb");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1454:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, file->index, file->counter * sizeof(long));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1573:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, file->index, file->counter * sizeof(long));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1759:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logging_handle = fopen(logging_filename, "a");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1799:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char asSeverity[LOG_DEBUG +
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputString[2048] = { 0 }; /* TODO: what is a reasonable string length here? */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2027:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(receiver->buf, receiver->backup_buf, receiver->lastBytesRcvd);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2092:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(receiver->backup_buf, receiver->buf, receiver->bytesRcvd);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, to_get);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2346:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->mem + *write, data, size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2351:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->mem + *write, data, buf->size - *write);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2352:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->mem, data + buf->size - *write, size - buf->size + *write);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2367:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf->mem + *read, size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2372:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf->mem + *read, buf->size - *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2373:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + buf->size - *read, buf->mem, size - buf->size + *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2429:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, head->write - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2435:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, buf->size - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2436:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ptr + sizeof(DltBufferHead) + buf->size - head->read, buf->mem, head->write);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3309:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char binary[10] = { '\0' }; /* e.g.: "0b1100 0010" */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3328:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char binary[20] = { '\0' }; /* e.g.: "0b1100 0010 0011 0110" */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3659:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value32f_tmp_int32i, &value32f_tmp, sizeof(float32_t));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3662:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value32f, &value32f_tmp_int32i_swaped, sizeof(float32_t));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3684:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value64f_tmp_int64i, &value64f_tmp, sizeof(float64_t));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3687:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value64f, &value64f_tmp_int64i_swaped, sizeof(float64_t));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3826:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char get_log_info_tag[GET_LOG_INFO_LENGTH];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3827:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service_opt_str[SERVICE_OPT_LENGTH];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3843:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*service_opt = atoi(service_opt_str);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3851:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num_work[5] = { 0 };
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3872:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num_work[3] = { 0 };
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3891:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number16[3] = {0};
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3966:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:4003:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_CONVERT_TEXTBUFSIZE] = { 0 };
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:4008:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output = fopen(filename, "w+");
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[DLT_CONFIG_FILE_LINE_MAX_LEN] = { '\0' };
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = { '\0' };
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = { '\0' };
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:447:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((hdl = fopen(file_name, "r")) == NULL) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_index[11]; /* UINT_MAX = 4294967295 -> 10 digits */
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:157:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char d[2] = DLT_OFFLINETRACE_FILENAME_INDEX_DELI;
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:188:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[16];
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:214:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newest[NAME_MAX + 1] = { 0 };
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:215:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldest[NAME_MAX + 1] = { 0 };
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:233:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
trace->ohandle = open(file_path, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR |
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename_oldest[PATH_MAX + 1];
data/dlt-daemon-2.18.5/src/shared/dlt_shm.c:77:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%.2x\n", ((unsigned char *)ptr)[num]);
data/dlt-daemon-2.18.5/src/shared/dlt_shm.c:79:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%.2x ", ((unsigned char *)ptr)[num]);
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[DLT_ID_SIZE]; /**< This pattern should be DUH0x01 */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[DLT_ID_SIZE]; /**< context id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[DLT_ID_SIZE]; /**< application id */
data/dlt-daemon-2.18.5/src/shared/dlt_user_shared.h:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[4]; /**< application which lost messages */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_mode[8];
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:218:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
src_file = fopen(src, "r");
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:402:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[strlen(dp->d_name) - strlen(COMPRESS_EXTENSION) + 1];
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:680:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:701:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[INOTIFY_LEN];
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char real[DLT_SYSTEM_JOURNAL_BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char monotonic[DLT_SYSTEM_JOURNAL_BUFFER_SIZE];
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_realtime[DLT_SYSTEM_JOURNAL_BUFFER_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_realtime_formatted[DLT_SYSTEM_JOURNAL_BUFFER_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_monotime[DLT_SYSTEM_JOURNAL_BUFFER_SIZE] = { 0 };
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char match[DLT_SYSTEM_JOURNAL_BOOT_ID_MAX_LENGTH] = "_BOOT_ID=";
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_process[DLT_SYSTEM_JOURNAL_BUFFER_SIZE] = { 0 },
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:317:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
systemd_loglevel = atoi(buffer_priority);
data/dlt-daemon-2.18.5/src/system/dlt-system-logfile.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/dlt-daemon-2.18.5/src/system/dlt-system-logfile.c:71:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen((*fileopt).Filename[n], "r");
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:202:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(file_name, "r");
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:251:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Shell.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:257:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Syslog.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:267:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Syslog.Port = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:273:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Journal.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:283:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Journal.CurrentBoot = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:287:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Journal.Follow = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:291:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Journal.MapLogLevels = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:295:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Journal.UseOriginalTimestamp = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:301:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:311:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.TimeStartup = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:315:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.TimeDelay = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:319:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.TimeoutBetweenLogs = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:335:80: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.Compression[config->Filetransfer.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:339:85: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->Filetransfer.CompressionLevel[config->Filetransfer.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:356:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogFile.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:366:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogFile.Mode[config->LogFile.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:370:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogFile.TimeDelay[config->LogFile.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:393:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogProcesses.Enable = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:415:73: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogProcesses.Mode[config->LogProcesses.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:419:78: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config->LogProcesses.TimeDelay[config->LogProcesses.Count] = atoi(value);
data/dlt-daemon-2.18.5/src/system/dlt-system-process-handling.c:87:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/null", O_RDWR);
data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX];
data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c:87:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c:98:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pFile = fopen(filename, "r");
data/dlt-daemon-2.18.5/src/system/dlt-system-processes.c:106:72: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DLT_LOG(procContext, DLT_LOG_INFO, DLT_INT(atoi(dp->d_name)),
data/dlt-daemon-2.18.5/src/system/dlt-system-shell.c:71:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_SHELL_COMMAND_MAX_LENGTH];
data/dlt-daemon-2.18.5/src/system/dlt-system-syslog.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recv_data[RECV_BUF_SZ];
data/dlt-daemon-2.18.5/src/system/dlt-system-watchdog.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[512];
data/dlt-daemon-2.18.5/src/system/dlt-system-watchdog.c:125:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
watchdogTimeoutSeconds = atoi(watchdogUSec);
data/dlt-daemon-2.18.5/src/system/dlt-system.h:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Directory[DLT_SYSTEM_LOG_DIRS_MAX];
data/dlt-daemon-2.18.5/src/system/dlt-system.h:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ContextId[DLT_SYSTEM_LOG_FILE_MAX];
data/dlt-daemon-2.18.5/src/system/dlt-system.h:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Filename[DLT_SYSTEM_LOG_FILE_MAX];
data/dlt-daemon-2.18.5/src/system/dlt-system.h:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Name[DLT_SYSTEM_LOG_PROCESSES_MAX];
data/dlt-daemon-2.18.5/src/system/dlt-system.h:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Filename[DLT_SYSTEM_LOG_PROCESSES_MAX];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:236:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.bvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:321:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dltdata.ohandle = open(dltdata.ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:359:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_TESTCLIENT_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1169:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1181:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[2048];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1274:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1371:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1433:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:2193:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:2205:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[2048];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:2298:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:2395:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:2457:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chdr[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-filetransfer.c:378:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-init-free.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[128] = { 0 };
data/dlt-daemon-2.18.5/src/tests/dlt-test-init-free.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[128] = { 0 };
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:127:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->max_messages = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:133:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->baudrate = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:222:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
params.output_handle = open(params.output, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process-client.c:284:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apid, msg->extendedheader->apid, 4);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:152:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->nmsgs = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:155:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->nprocs = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:164:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->nthreads = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:173:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->nloglength = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:182:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->delay = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:185:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->delay_fudge = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid_name[256];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:386:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-multi-process.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid_name[256];
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:59:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void dlt_user_log_level_changed_callback(char context_id[DLT_ID_SIZE],uint8_t log_level,uint8_t trace_status);
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[DLT_COMMON_BUFFER_LENGTH];
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:355:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void dlt_user_log_level_changed_callback(char context_id[DLT_ID_SIZE],uint8_t log_level,uint8_t trace_status)
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:360:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text,context_id,DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:416:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wait_timeout = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:256:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.bvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:261:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.nvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:346:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dltdata.ohandle = open(dltdata.ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-client.c:384:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_TESTCLIENT_TEXTBUFSIZE];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:101:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:147:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:152:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:157:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dvalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:162:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
svalue = atoi(optarg);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress-user.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[size];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[STRESS3_MAX_NUM_MESSAGES];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *loglevelstr[DLT_LOG_MAX] = {
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5], ctdesc[255];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:238:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxnum = atoi(nvalue);
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:373:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:410:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:485:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:564:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024 * 5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:638:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024 * 5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:681:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[12];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:753:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:866:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:983:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1034:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1037:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log[DLT_USER_BUF_MAX_SIZE];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1171:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024 * 5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024 * 5];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1279:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[12];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1311:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024];
data/dlt-daemon-2.18.5/src/tests/dlt-test-user.c:1330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[1024];
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:398:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fpath[PATH_MAX];
data/dlt-daemon-2.18.5/tests/dlt-test-cpp-extension.cpp:88:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(non_const_string, "non_const_string", 16);
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4u];
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[5] = "ABCD";
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5] = "1234";
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apid[5] = "ABCD";
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:389:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctid[5] = "1234";
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:447:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result0[sizeof(res0)];
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result1[sizeof(res1)];
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result2[sizeof(res2)];
data/dlt-daemon-2.18.5/tests/dlt_env_ll_unit_test.cpp:477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result3[sizeof(res3) + 5];
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ecuid[4];
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[255];
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:197:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dltdata.bvalue = atoi(optarg);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:273:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dltdata.ohandle = open(dltdata.ovalue, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); /* mode: wb */
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:311:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_RECEIVE_BUFSIZE];
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:312:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[255];
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:338:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "w+");
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:361:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1604:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1605:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1631:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1632:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1633:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[128] = "/tmp/output_testfile.txt";
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1653:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1655:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[128] = "/tmp/output_testfile.txt";
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1684:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1687:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1746:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1749:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1750:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1782:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1785:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1786:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1791:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1834:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1896:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1899:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1933:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1936:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1937:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1942:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1985:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1988:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1989:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2047:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2050:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2051:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2084:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2087:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2088:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2093:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2136:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2198:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2235:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2286:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2348:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2351:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2384:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2393:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2439:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2445:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2508:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2509:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfilter[117];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2539:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2608:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2611:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2612:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2673:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2676:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2726:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2881:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:2885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3124:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3181:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3222:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3403:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3479:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3485:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[100];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3571:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char openfile[114];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3577:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3833:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3850:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3858:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3] = { '\0' };
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3872:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3880:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3] = { '\0' };
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3942:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text5[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3957:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3963:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3969:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text3[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3975:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text4[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4005:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text9[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4024:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4031:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4058:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text5[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4075:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4095:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[DLT_DAEMON_TEXTSIZE];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver[255];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver[DLT_USER_MAX_LIB_VERSION_LENGTH];
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4166:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver[DLT_USER_MAX_LIB_VERSION_LENGTH];
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[5];
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1025:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1067:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1084:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char no_apid[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char no_ctid[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1405:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1561:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_daemon_context_add";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:1652:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[DLT_DAEMON_COMMON_TEXTBUFSIZE + 1];
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_event_handler.cpp:679:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&serv_addr.sin_addr.s_addr,
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_event_handler.cpp:709:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256] = {};
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_address[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "10.113.100.100";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "10.113.100.100";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "134dltgatway";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "1,2,3,4,5";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "1:5,2:10";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "3490";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "9999999999";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "ECU2";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "OnStartup";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "wrong_parameter";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "10";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:324:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "-1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:441:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer, &sid, sizeof(uint32_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:444:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &status, sizeof(int8_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:447:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &count_app_ids, sizeof(uint16_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:453:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &count_context_ids, sizeof(uint16_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:459:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &log_level, sizeof(int8_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &trace_status, sizeof(int8_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:466:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &len_con, sizeof(uint16_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:469:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, context_description, strlen(context_description));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:473:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, &len_app, sizeof(uint16_t));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:476:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.databuffer + offset, app_description, strlen(app_description));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:578:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE] = "123";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:597:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE] = "123";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_id[DLT_ID_SIZE] = "123";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:622:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value_1[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "10.11.22.33";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:623:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value_2[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "3490";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:641:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value_1[DLT_CONFIG_FILE_ENTRY_MAX_LEN] = "10.11.22.33";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:664:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gatewayConfigFile[DLT_DAEMON_FLAG_MAX];
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:701:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_file_name[DLT_MOUNT_PATH_MAX] = { '\0' };
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1012:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data1[10] = "dlt_data1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1013:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data2[10] = "dlt_data2";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1014:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data3[10] = "dlt_dat3";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_logstorage_update_context";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[255] = "TEST dlt_logstorage_update_context_loglevel";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1575:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data1[10] = "dlt_data0";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1576:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data2[10] = "dlt_data1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1577:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data3[10] = "dlt_data2";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1629:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data1[10] = "dlt_dataA";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1630:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data2[10] = "dlt_dataB";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1631:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data3[10] = "dlt_dataC";
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1661:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&serv_addr.sin_addr.s_addr,
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1672:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1680:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sockfd = open(filename, O_RDWR | O_CLOEXEC);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1702:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3090:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3092:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[length];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3238:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3246:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text2[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[length];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3318:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3327:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text2[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[length];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3410:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3419:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char text2[1] = "";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[length];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3480:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[6] = "test1";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3660:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[5] = "test";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3685:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[length];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:3723:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[5] = "test";
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4381:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4386:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4446:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[16];
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:4451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[32];
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2326:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int length = strlen(ansi);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:2986:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_chars = static_cast<int>(wcslen(str));
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:4740:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
segment = next_segment + strlen("]]>");
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:4905:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result.reserve(strlen(str) + 1);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:6148:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t prefix_len = strlen(prefix);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8385:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t full_regex_len = strlen(regex) + 10;
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:8639:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(regex);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:9328:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintCharsAsStringTo(s, strlen(s), os);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest-all.cc:9345:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintCharsAsStringTo(s, wcslen(s), os);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2869:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return strncpy(dest, src, n);
data/dlt-daemon-2.18.5/gtest-1.7.0/fused-src/gtest/gtest.h:2891:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return static_cast<int>(read(fd, buf, count));
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1762:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return strncpy(dest, src, n);
data/dlt-daemon-2.18.5/gtest-1.7.0/include/gtest/internal/gtest-port.h:1784:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return static_cast<int>(read(fd, buf, count));
data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2.cc:42:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(a_c_string);
data/dlt-daemon-2.18.5/gtest-1.7.0/samples/sample2.h:77:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return c_string_ == NULL ? 0 : strlen(c_string_);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:175:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t full_regex_len = strlen(regex) + 10;
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-port.cc:429:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(regex);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-printers.cc:315:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintCharsAsStringTo(s, strlen(s), os);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest-printers.cc:332:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintCharsAsStringTo(s, wcslen(s), os);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:842:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int length = strlen(ansi);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:1502:34: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_chars = static_cast<int>(wcslen(str));
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:3256:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
segment = next_segment + strlen("]]>");
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:3421:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result.reserve(strlen(str) + 1);
data/dlt-daemon-2.18.5/gtest-1.7.0/src/gtest.cc:4664:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t prefix_len = strlen(prefix);
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-filepath_test.cc:524:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (temp_dir[strlen(temp_dir) - 1] == '\\')
data/dlt-daemon-2.18.5/gtest-1.7.0/test/gtest-printers_test.cc:874:20: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
EXPECT_TRUE(std::equal(a, a + kSize, numbers.begin()));
data/dlt-daemon-2.18.5/gtest-1.7.0/xcode/Samples/FrameworkSample/widget.cc:60:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, name_.c_str(), max_size-1);
data/dlt-daemon-2.18.5/include/dlt/dlt_common.h:791:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/dlt-daemon-2.18.5/src/android/dlt-logd-converter.cpp:172:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auto message = tag+strlen(tag)+1;
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:117:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(local_ecuid, ecuid_conf, DLT_CTRL_ECUID_LEN);
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:127:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(local_ecuid, ecuid, DLT_CTRL_ECUID_LEN);
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:170:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(line, config_id, strlen(config_id)) == 0) {
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:177:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, sizeof(token) - 1);
data/dlt-daemon-2.18.5/src/console/dlt-control-common.c:181:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, sizeof(value) - 1);
data/dlt-daemon-2.18.5/src/console/dlt-control.c:346:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dltdata.avalue) > DLT_ID_SIZE) {
data/dlt-daemon-2.18.5/src/console/dlt-control.c:357:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dltdata.cvalue) > DLT_ID_SIZE) {
data/dlt-daemon-2.18.5/src/console/dlt-control.c:563:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dltdata.mvalue)) != DLT_RETURN_OK)
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:116:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(g_options.node_id, id, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/console/dlt-passive-node-ctrl.c:185:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(answer, resp_ok, strlen(resp_ok)) == 0) {
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:151:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(arg) - 1; ++i)
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:158:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg[strlen(arg) - 1] == 'K') || (arg[strlen(arg) - 1] == 'k')) {
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:158:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg[strlen(arg) - 1] == 'K') || (arg[strlen(arg) - 1] == 'k')) {
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:161:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((arg[strlen(arg) - 1] == 'M') || (arg[strlen(arg) - 1] == 'm'))
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:161:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((arg[strlen(arg) - 1] == 'M') || (arg[strlen(arg) - 1] == 'm'))
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:165:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((arg[strlen(arg) - 1] == 'G') || (arg[strlen(arg) - 1] == 'g'))
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:165:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((arg[strlen(arg) - 1] == 'G') || (arg[strlen(arg) - 1] == 'g'))
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:169:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!isdigit(arg[strlen(arg) - 1]))
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:242:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int cur = atoi(&inner.gl_pathv[i][strlen(dltdata->ovaluebase) + 1]);
data/dlt-daemon-2.18.5/src/console/dlt-receive.c:361:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t to_copy = strlen(dltdata.ovalue);
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:100:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snow[strlen(snow) - 1] = 0;
data/dlt-daemon-2.18.5/src/console/dlt-sortbytimestamp.c:105:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(msg);
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c:120:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(g_options.device_path, path, DLT_MOUNT_PATH_MAX - 1);
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c:212:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(files[i]->d_name, CONF_NAME, strlen(CONF_NAME)) == 0) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-common.c:292:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(serv->mount_point, path, DLT_MOUNT_PATH_MAX - 1);
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:182:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(data, resp_ok, strlen(resp_ok)) == 0)
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:185:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(data, resp_warning, strlen(resp_warning)) == 0) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:190:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(data, resp_perm_denied, strlen(resp_perm_denied)) == 0) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:447:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((optarg != NULL) && (strlen(optarg) >= DLT_MOUNT_PATH_MAX)) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-ctrl.c:470:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) >= DLT_MOUNT_PATH_MAX) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-list.c:159:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = strlen(path);
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-udev.c:101:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ent->mnt_fsname, dev_node, strlen(ent->mnt_fsname)) == 0) {
data/dlt-daemon-2.18.5/src/console/logstorage/dlt-logstorage-udev.c:110:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mnt_point))
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:123:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc->threadname, argv[4], sizeof(proc->threadname) - 1);
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh.c:126:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(proc->name, argv[4], sizeof(proc->name) - 1);
data/dlt-daemon-2.18.5/src/core_dump_handler/dlt_cdh_context.c:65:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p_exec_name, l_name_ptr + 1, p_exec_name_maxsize - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:151:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(dltShmName, "/dlt-shm", NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:171:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.cvalue, optarg, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:185:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dltShmName, optarg, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:235:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.dltShmName, dltShmName, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:298:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.ctrlSockPath,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:304:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DLT_USER_IPC_PATH) > DLT_IPC_PATH_MAX)
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:312:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.gatewayConfigFile,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:321:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->UDPMulticastIPAddress, MULTICASTIPADDRESS, MULTICASTIP_MAX_SIZE - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:348:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, sizeof(token) - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:352:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, sizeof(value) - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:413:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.yvalue, value, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:419:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.bvalue, value, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:425:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.evalue, value, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:431:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.ivalue, value, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:447:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.loggingFilename,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:481:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.offlineTraceDirectory, value,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:509:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.pathToECUSoftwareVersion, value,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:526:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.offlineLogstorageDirPath,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:545:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_local->flags.offlineLogstorageMaxCounterIdx = strlen(value);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:560:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:576:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:631:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.daemonFifoGroup, value, NAME_MAX);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:654:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->UDPMulticastIPAddress, value,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:678:33: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon_local->flags.ipNodes->ip,
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:695:41: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(newNode->ip, tok, sizeof(newNode->ip) - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1181:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1611:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(DLT_DAEMON_UMASK);
data/dlt-daemon-2.18.5/src/daemon/dlt-daemon.c:1675:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uiSize = strlen(str) + 1;
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:750:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(daemon->ECUVersionString);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:974:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp.datasize += strlen(context->context_description); /* context_description */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:995:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp.datasize += strlen(context->context_description); /* context_description */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1005:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp.datasize += strlen(application->application_description); /* app_description */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1015:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(user_list->contexts[i].context_description);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1022:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp.datasize += strlen(user_list->applications[i].application_description); /* app_description */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1154:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(context->context_description);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1158:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(context->context_description));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1159:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(context->context_description);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1182:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(application->application_description);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1186:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(application->application_description));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1187:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(application->application_description);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1703:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(src_str, context->apid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1705:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(src_str, context->ctid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1747:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
apid_length = strlen(apid);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1748:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctid_length = strlen(ctid);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1876:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(src_str, context->apid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1878:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(src_str, context->ctid, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1920:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
apid_length = strlen(apid);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:1921:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctid_length = strlen(ctid);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2262:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(receiver->fd, &expir, sizeof(expir));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2307:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(receiver->fd, &expir, sizeof(expir));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2359:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(receiver->fd, &expir, sizeof(expir));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2436:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req->mount_point, strlen(req->mount_point)) == 0) {
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_client.c:2449:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(req->mount_point) == 0)) {
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:159:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_application_cfg, runtime_directory, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:163:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_application_cfg, DLT_RUNTIME_DEFAULT_DIRECTORY, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:172:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_context_cfg, runtime_directory, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:176:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_context_cfg, DLT_RUNTIME_DEFAULT_DIRECTORY, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:185:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_configuration, runtime_directory, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:189:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(daemon->runtime_configuration, DLT_RUNTIME_DEFAULT_DIRECTORY, append_length);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:479:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
application->application_description = malloc(strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:482:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(application->application_description, description, strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:868:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
context->context_description = malloc(strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:871:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(context->context_description, description, strlen(description) + 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1284:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, sizeof(token) - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_common.c:1288:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, sizeof(value) - 1);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:79:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ctid, (key + 2), (len - 1));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:104:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(apid, key + 1, (len - 2));
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:135:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(apid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:142:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ctid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:176:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ecuid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:183:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(apid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:221:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:224:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ecuid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:229:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ctid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:234:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ecuid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:236:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(apid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:238:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ctid, tok, DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:267:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(key);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:813:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, ((*tmp)->key_list
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:907:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, ((*tmp)->key_list
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:1156:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mnt_point) > 0) { /* mount point is given */
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:1216:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(mnt_point);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_offline_logstorage.c:1219:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(daemon->storage_handle[i].device_mount_point);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_unix_socket.c:64:16: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_mask = umask(mask);
data/dlt-daemon-2.18.5/src/daemon/dlt_daemon_unix_socket.c:77:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:81:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options->BusType = malloc(strlen(optarg) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:88:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options->ApplicationId = malloc(strlen(optarg) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:95:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options->ConfigurationFileName = malloc(strlen(optarg) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:171:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filter, filterBegin + 1, filterEnd - filterBegin - 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:186:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, MAX_LINE - 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:190:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, MAX_LINE);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:201:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->ApplicationId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:208:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->DBus.ContextId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:215:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->DBus.BusType = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/dbus/dlt-dbus-options.c:223:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->DBus.FilterMatch[config->DBus.FilterCount] = malloc(strlen(filter) + 1);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:168:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options->configurationFileName = (char *)malloc(strlen(optarg)+1);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:256:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, MAX_LINE-1);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:261:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, MAX_LINE);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:274:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->applicationId = (char *)malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:284:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->applicationContextId = (char *)malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/dlt-qnx-system/dlt-qnx-system.c:299:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->qnxslogger2.contextId = (char *)malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:163:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(value, "OnStartup", strlen("OnStartup")) == 0) {
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:166:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncasecmp(value, "OnDemand", strlen("OnDemand")) == 0)
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:303:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) == 0)
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:370:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) == 0)
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:386:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p_token != NULL) && (strlen(p_token) != 0)) {
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:1361:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(header->ecu, con->ecuid, strlen(con->ecuid)) == 0) {
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:1500:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(receiver->fd, &expir, sizeof(expir));
data/dlt-daemon-2.18.5/src/gateway/dlt_gateway.c:1542:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(gateway->connections[i].ecuid)) == 0) {
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:42:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*target = malloc(strlen(buffer) + 1)) == NULL) {
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-common.c:47:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(*target, buffer, strlen(buffer) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.c:48:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(token) > 3) && (token[0] == 'C') && (token[1] == 'P') && (token[2] == 'U')) {
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-interrupt.c:64:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int tokenlen = strlen(token);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:74:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((options->configurationFileName = malloc(strlen(optarg) + 1)) == 0) {
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:159:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, COMMAND_LINE_SIZE - 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-options.c:163:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, COMMAND_LINE_SIZE - 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:217:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new_process->command_line) == 0) {
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:245:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_process->command_line = malloc(strlen(original->command_line) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:253:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_process->command_line, original->command_line, strlen(original->command_line) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:253:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(new_process->command_line, original->command_line, strlen(original->command_line) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:408:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*buffer) = malloc(strlen(tok) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:409:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*buffer, tok, strlen(tok) + 1);
data/dlt-daemon-2.18.5/src/kpi/dlt-kpi-process.c:409:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(*buffer, tok, strlen(tok) + 1);
data/dlt-daemon-2.18.5/src/lib/dlt_env_ll.c:120:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char result[strlen("verbose") + 1];
data/dlt-daemon-2.18.5/src/lib/dlt_filetransfer.c:107:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(str);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:247:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(remote.sun_path, dltSockBaseDir, sizeof(remote.sun_path));
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:249:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DLT_USER_IPC_PATH) > DLT_IPC_PATH_MAX)
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:429:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(appid, dlt_user.appID, 4);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:872:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(dlt_user.dlt_log_handle, dlt_user.resend_buffer, dlt_user.log_buf_len);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1039:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t desc_len = strlen(description);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1043:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dlt_user.application_description, description, desc_len + 1);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1220:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t desc_len = strlen(description);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:1228:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ctx_entry->context_description, description, desc_len + 1);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2381:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2512:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t length = strlen(text);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2931:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read < 0) {
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2944:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != sizeof(s_segmented_data *)) {
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:2948:96: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dlt_vlog(LOG_WARNING, "NWTSegmented: Could not read data fully from queue: %zd\n", read);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:3808:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usercontext.description_length = strlen(dlt_user.application_description);
data/dlt-daemon-2.18.5/src/lib/dlt_user.c:3897:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usercontext.description_length = strlen(log->context_description);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:343:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:362:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:365:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((*names + y), tok, len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:368:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy((*names + y + len), ",", 2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:402:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:472:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(((*list) + ((*numids) * (DLT_ID_SIZE + 1))), token,
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:501:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:501:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:502:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(curr_str, "::", 2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:505:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(curr_str, "::", 2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:508:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(ctid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:509:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr_str, ctid, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:510:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(curr_str);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:512:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, curr_str, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:533:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:533:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:534:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:537:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:540:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(apid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:541:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr_str, apid, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:542:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:543:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(curr_str);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:545:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, curr_str, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:567:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:567:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:568:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:571:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:574:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(apid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:575:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr_str, apid, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:576:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(curr_str, ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:578:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(ctid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:579:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr_str, ctid, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:580:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_len = strlen(curr_str);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:582:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, curr_str, curr_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:598:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:598:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(curr_str, ecuid, strlen(ecuid));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:599:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(curr_str, "::", 2);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:601:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key, curr_str, strlen(curr_str));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:601:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(key, curr_str, strlen(curr_str));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:660:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*keys, curr_key, strlen(curr_key));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:660:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(*keys, curr_key, strlen(curr_key));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:708:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((*keys + (num_currkey * DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN)),
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:709:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_key, strlen(curr_key));
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:825:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int config_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_CONFIG_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:826:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int storage_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_NONVERBOSE_STORAGE_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:827:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int control_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_NONVERBOSE_CONTROL_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:832:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1014:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1026:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(config->file_name, value, len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1136:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1142:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(config->ecuid, value, len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1371:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int config_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_CONFIG_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1372:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int storage_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_NONVERBOSE_STORAGE_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1373:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int control_sec_len = strlen(DLT_OFFLINE_LOGSTORAGE_NONVERBOSE_CONTROL_SECTION);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1671:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(handle->device_mount_point, mount_point, DLT_MOUNT_PATH_MAX);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1833:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ecuid_len = strlen(ecuid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1840:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key[0], ecuid, ecuid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1841:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[0], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1842:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[0], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1849:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
apid_len = strlen(apid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1854:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctid_len = strlen(ctid);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1860:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(key[0], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1861:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[0], apid, apid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1862:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[0], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1865:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(key[1], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1866:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[1], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1867:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[1], ctid, ctid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1870:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(key[2], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1871:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[2], apid, apid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1872:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[2], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1873:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[2], ctid, ctid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1876:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key[3], ecuid, ecuid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1877:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[3], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1878:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[3], apid, apid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1879:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[3], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1880:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[3], ctid, ctid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1883:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key[4], ecuid, ecuid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1884:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[4], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1885:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[4], apid, apid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1886:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[4], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1889:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key[5], ecuid, ecuid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1890:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[5], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1891:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[5], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1892:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(key[5], ctid, ctid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1895:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(key[6], ecuid, ecuid_len);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1896:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[6], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage.c:1897:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(key[6], ":", 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:67:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(log_file_name, &file_config->logfile_delimiter, 1);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:76:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
digit_idx = strlen(file_index);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:81:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(log_file_name, "0");
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:220:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename_len = strlen(file) - strlen(filename);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:220:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename_len = strlen(file) - strlen(filename);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:224:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileindex_len = strlen(file) -
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:229:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idx = (int)strtol(&file[strlen(file) -
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:237:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileindex_len = strlen(file) -
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:241:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idx = (int)strtol(&file[strlen(file) -
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:308:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(config->file_name);
data/dlt-daemon-2.18.5/src/offlinelogstorage/dlt_offline_logstorage_behavior.c:395:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dev_path) > DLT_OFFLINE_LOGSTORAGE_CONFIG_DIR_PATH_LEN) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:105:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void dlt_buffer_read_block(DltBuffer *buf, int *read, unsigned char *data, unsigned int size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:303:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = ((strlen(id) <= DLT_ID_SIZE) ? strlen(id) : DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:303:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = ((strlen(id) <= DLT_ID_SIZE) ? strlen(id) : DLT_ID_SIZE);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:655:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%10u ", msg->headerextra.tmsp);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:655:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%10u ", msg->headerextra.tmsp);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:657:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "---------- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:657:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "---------- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:662:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%.3d ", msg->standardheader->mcnt);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:662:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%.3d ", msg->standardheader->mcnt);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:667:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_id(text + strlen(text), msg->headerextra.ecu);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:669:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_id(text + strlen(text), msg->storageheader->ecu);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:675:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:675:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:678:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_id(text + strlen(text), msg->extendedheader->apid);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:680:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "----");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:680:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "----");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:682:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:682:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:687:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_id(text + strlen(text), msg->extendedheader->ctid);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:689:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "----");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:689:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "----");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:691:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:691:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:697:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:697:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:699:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:699:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:704:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:704:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:708:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:708:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:712:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:712:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:716:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:716:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:719:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:719:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:725:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "V");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:725:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "V");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:727:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "N");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:727:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "N");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:729:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:729:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:734:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%d", msg->extendedheader->noar);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:734:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%d", msg->extendedheader->noar);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:738:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "--- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:738:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "--- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:741:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "--- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:741:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "--- ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:744:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "N ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:744:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "N ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:747:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "-");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:747:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "-");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:821:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:821:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s",
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:825:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "service(%u)", id); /* service id */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:825:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "service(%u)", id); /* service id */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:828:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), ", ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:828:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), ", ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:831:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%u, ", id); /* message id */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:831:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%u, ", id); /* message id */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:840:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s", return_type[retval]);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:840:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%s", return_type[retval]);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:842:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%.2x", retval);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:842:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%.2x", retval);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:845:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), ", ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:845:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), ", ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:850:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = dlt_print_hex_string(text + strlen(text),
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:851:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
textlength - strlen(
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:858:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((textlength - strlen(text)) > 4))
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:859:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ...");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:859:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), " ...");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:862:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = dlt_print_hex_string(text + strlen(text), textlength - strlen(text), ptr, datalength);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:862:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = dlt_print_hex_string(text + strlen(text), textlength - strlen(text), ptr, datalength);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:876:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset = (int)strlen(text);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:885:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset = (int)strlen(text);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1728:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(logging_filename, filename, NAME_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1735:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dltFifoBaseDir, pipe_dir, DLT_PATH_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:1743:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dltShmName, env_shm_name, NAME_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2040:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
receiver->bytesRcvd = read(receiver->fd,
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2361:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void dlt_buffer_read_block(DltBuffer *buf, int *read, unsigned char *data, unsigned int size)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2364:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((buf != NULL) && (read != NULL) && (data != NULL)) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2367:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data, buf->mem + *read, size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2372:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data, buf->mem + *read, buf->size - *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2372:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data, buf->mem + *read, buf->size - *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2373:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data + buf->size - *read, buf->mem, size - buf->size + *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2373:76: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(data + buf->size - *read, buf->mem, size - buf->size + *read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2428:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (head->read < head->write) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2429:66: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, head->write - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2429:92: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, head->write - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2431:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
new_head->write = head->write - head->read;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2435:66: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, buf->size - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2435:90: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(new_ptr + sizeof(DltBufferHead), buf->mem + head->read, buf->size - head->read);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2436:68: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
memcpy(new_ptr + sizeof(DltBufferHead) + buf->size - head->read, buf->mem, head->write);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2543:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int write, read, count;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2562:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read > buf->size) || (write > buf->size)) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2565:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__func__, read, write, buf->size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2571:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > write)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2573:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
else if (count && (write == read))
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2576:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
free_size = buf->size - write + read;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2592:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(head.head, DLT_BUFFER_HEAD, 4);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2620:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int write, read, count;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2640:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read > buf->size) || (write > buf->size) || (count < 0)) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2643:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__func__, read, write, count, buf->size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2650:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (write != read) {
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2653:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
__func__, read, write);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2661:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (write > read)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2662:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
used_size = write - read;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2676:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dlt_buffer_read_block(buf, &read, (unsigned char *)&head, sizeof(DltBufferBlockHead));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2710:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dlt_buffer_read_block(buf, &read, data, head.size);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2714:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
((int *)(buf->shm))[1] = read; /* set new read pointer */
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2765:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int write, read, count;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2783:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
write, read, count);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2797:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int write, read, count;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2814:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (write > read)
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:2815:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return write - read;
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3314:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(binary, " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3333:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(binary, " ");
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3384:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%08x", value32u);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3384:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(text + strlen(text), textlength - strlen(text), "%08x", value32u);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3834:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(get_log_info_tag, "get_log_info", strlen("get_log_info"));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3834:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(get_log_info_tag, "get_log_info", strlen("get_log_info"));
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3971:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, dir, PATH_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_common.c:3972:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:155:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(file->sections[section].name, name, DLT_CONFIG_FILE_ENTRY_MAX_LEN);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:186:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&s->keys[key_number * DLT_CONFIG_FILE_ENTRY_MAX_LEN], str1, DLT_CONFIG_FILE_ENTRY_MAX_LEN);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:292:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str1, ptr, DLT_CONFIG_FILE_ENTRY_MAX_LEN - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:301:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str2, ptr, DLT_CONFIG_FILE_ENTRY_MAX_LEN - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:432:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((file_name == NULL) || (strlen(file_name) >= DLT_CONFIG_FILE_PATH_MAX_LEN)) {
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:497:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, (file->sections + num)->name, DLT_CONFIG_FILE_ENTRY_MAX_LEN);
data/dlt-daemon-2.18.5/src/shared/dlt_config_file_parser.c:541:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, (*tmp)->data, DLT_CONFIG_FILE_ENTRY_MAX_LEN);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:89:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(file_name);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:95:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_old == NULL) || (strlen(tmp_old) >= strlen(files[i]->d_name))) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:95:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_old == NULL) || (strlen(tmp_old) >= strlen(files[i]->d_name))) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:99:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(tmp_old) > strlen(files[i]->d_name))
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:99:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(tmp_old) > strlen(files[i]->d_name))
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:106:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_new == NULL) || (strlen(tmp_new) <= strlen(files[i]->d_name))) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:106:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_new == NULL) || (strlen(tmp_new) <= strlen(files[i]->d_name))) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:110:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(tmp_new) < strlen(files[i]->d_name))
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:110:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(tmp_new) < strlen(files[i]->d_name))
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:119:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_old != NULL) && (strlen(tmp_old) < NAME_MAX)) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:120:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(oldest, tmp_old, NAME_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:124:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp_new != NULL) && (strlen(tmp_old) < NAME_MAX)) {
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:125:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(newest, tmp_new, NAME_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:147:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(log_file_name, name, length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:147:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(log_file_name, name, length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:148:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(log_file_name, DLT_OFFLINETRACE_FILENAME_INDEX_DELI,
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:149:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:150:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(log_file_name, file_index, length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:150:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(log_file_name, file_index, length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:151:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(log_file_name, DLT_OFFLINETRACE_FILENAME_EXT,
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:152:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length - strlen(log_file_name) - 1);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:311:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filename_oldest, filename, PATH_MAX);
data/dlt-daemon-2.18.5/src/shared/dlt_offline_trace.c:379:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(trace->directory, directory, NAME_MAX);
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:99:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen((char *)basename(src)) > 10) {
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:122:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = 11 + strlen(basename_f);
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:240:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
gzwrite(dst_file, buf, read);
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:301:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_COMPRESS) + strlen(rn) + 3;/*the filename in .tocompress +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:301:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_COMPRESS) + strlen(rn) + 3;/*the filename in .tocompress +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:301:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_COMPRESS) + strlen(rn) + 3;/*the filename in .tocompress +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:319:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + strlen(COMPRESS_EXTENSION) + 3;/*the resulting filename in .tosend +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:319:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + strlen(COMPRESS_EXTENSION) + 3;/*the resulting filename in .tosend +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:319:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + strlen(COMPRESS_EXTENSION) + 3;/*the resulting filename in .tosend +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:319:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + strlen(COMPRESS_EXTENSION) + 3;/*the resulting filename in .tosend +2 for 2*"/", +1 for \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:339:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + 3;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:339:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + 3;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:339:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fdir) + strlen(SUBDIR_TOSEND) + strlen(rn) + 3;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:391:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(send_dir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:391:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(send_dir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:397:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(dp->d_name + strlen(dp->d_name) - strlen(COMPRESS_EXTENSION), COMPRESS_EXTENSION,
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:397:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(dp->d_name + strlen(dp->d_name) - strlen(COMPRESS_EXTENSION), COMPRESS_EXTENSION,
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:398:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(COMPRESS_EXTENSION))) {
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:402:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmp[strlen(dp->d_name) - strlen(COMPRESS_EXTENSION) + 1];
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:402:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmp[strlen(dp->d_name) - strlen(COMPRESS_EXTENSION) + 1];
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:403:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, dp->d_name, strlen(dp->d_name) - strlen(COMPRESS_EXTENSION));
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:403:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(tmp, dp->d_name, strlen(dp->d_name) - strlen(COMPRESS_EXTENSION));
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:403:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(tmp, dp->d_name, strlen(dp->d_name) - strlen(COMPRESS_EXTENSION));
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:404:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp[strlen(dp->d_name) - strlen(COMPRESS_EXTENSION)] = '\0';
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:404:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp[strlen(dp->d_name) - strlen(COMPRESS_EXTENSION)] = '\0';
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:406:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tmp) + strlen(compress_dir) + 1 + 1;/*2 sizes + 1*"/" + \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:406:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(tmp) + strlen(compress_dir) + 1 + 1;/*2 sizes + 1*"/" + \0 */
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:487:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(compress_dir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:487:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(compress_dir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:493:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(send_dir) + strlen(dp->d_name) + strlen(COMPRESS_EXTENSION) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:493:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(send_dir) + strlen(dp->d_name) + strlen(COMPRESS_EXTENSION) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:493:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(send_dir) + strlen(dp->d_name) + strlen(COMPRESS_EXTENSION) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:538:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(sdir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:538:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(sdir) + strlen(dp->d_name) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:578:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(opts->Directory[which]) + strlen(SUBDIR_COMPRESS) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:578:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(opts->Directory[which]) + strlen(SUBDIR_COMPRESS) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:583:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(opts->Directory[which]) + strlen(SUBDIR_TOSEND) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:583:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(opts->Directory[which]) + strlen(SUBDIR_TOSEND) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:637:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(opts->Directory[i]) + strlen(SUBDIR_COMPRESS) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:637:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(opts->Directory[i]) + strlen(SUBDIR_COMPRESS) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:656:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(opts->Directory[i]) + strlen(SUBDIR_TOSEND) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:656:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(opts->Directory[i]) + strlen(SUBDIR_TOSEND) + 2;
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:702:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t len = read(ino.handle, buf, INOTIFY_LEN);
data/dlt-daemon-2.18.5/src/system/dlt-system-filetransfer.c:725:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(opts->Directory[j]) + ie->len + 1;
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:110:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
field_size = strlen(field) + 1;
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:119:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(target, data + field_size, max_size - 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:124:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(target, data + field_size, length - field_size);
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:150:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret == 0) && (strlen(buffer_realtime) > 0)) {
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:178:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret == 0) && (strlen(buffer_monotime) > 0)) {
data/dlt-daemon-2.18.5/src/system/dlt-system-journal.c:252:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = sd_journal_add_match(j, match, strlen(match));
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:105:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options->ConfigurationFileName = malloc(strlen(optarg) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:228:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(token, pch, MAX_LINE - 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:232:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, pch, MAX_LINE);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:243:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->ApplicationId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:261:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->Syslog.ContextId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:277:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->Journal.ContextId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:305:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->Filetransfer.ContextId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:323:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->Filetransfer.TempDir = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:329:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->Filetransfer.Directory[config->Filetransfer.Count] = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:360:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->LogFile.Filename[config->LogFile.Count] = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:374:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->LogFile.ContextId[config->LogFile.Count] = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:397:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->LogProcesses.ContextId = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:403:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->LogProcesses.Name[config->LogProcesses.Count] = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-options.c:409:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config->LogProcesses.Filename[config->LogProcesses.Count] = malloc(strlen(value) + 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-shell.c:75:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, data, length);
data/dlt-daemon-2.18.5/src/system/dlt-system-shell.c:79:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, data, DLT_SHELL_COMMAND_MAX_LENGTH - 1);
data/dlt-daemon-2.18.5/src/system/dlt-system-watchdog.c:55:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read (info->timer_fd, &missed, sizeof (missed)) < 0)
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:503:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (datalength == (sizeof(uint16_t) + strlen("Hello world") + 1))
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:509:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (datalength == (sizeof(uint16_t) + strlen("Hello world") + 1))
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:683:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("string") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:687:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (datalength == sizeof(uint16_t) + strlen("Hello world") + 1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:694:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("utf8") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:698:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (datalength == sizeof(uint16_t) + strlen("Hello world") + 1)
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:705:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("bool") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:716:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:727:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int8") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:738:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int16") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:749:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:760:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:771:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:782:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint8") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:793:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint16") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:804:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:815:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:826:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("float32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:838:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("float64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:850:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("raw") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1728:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("bool") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1739:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1750:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int8") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1761:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int16") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1772:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1783:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("int64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1794:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1805:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint8") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1816:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint16") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1827:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1838:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("uint64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1849:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("float32") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1861:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("float64") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-client.c:1873:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen("raw") + 1;
data/dlt-daemon-2.18.5/src/tests/dlt-test-init-free.c:111:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer, "ERROR", length);
data/dlt-daemon-2.18.5/src/tests/dlt-test-non-verbose.c:114:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(delay);
data/dlt-daemon-2.18.5/src/tests/dlt-test-stress.c:260:15: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c=getchar();
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:364:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(path);
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:407:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12);
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:453:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path)-1);
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:460:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iovec.iov_len = strlen(state);
data/dlt-daemon-2.18.5/systemd/3rdparty/sd-daemon.c:464:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:330:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(tmpFilename); i++)
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:351:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, position + 1, DLT_RECEIVE_BUFSIZE);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:353:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, position + 1, DLT_RECEIVE_BUFSIZE);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:355:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(text, position + 1, DLT_RECEIVE_BUFSIZE);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:358:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(text);
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:364:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int)strlen(text); i = i + 3) {
data/dlt-daemon-2.18.5/tests/dlt_test_receiver.c:397:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(founding);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1340:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int write, read;
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1355:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_write_block(&buf, &read, data, size2));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1376:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(NULL, &read, NULL, 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1377:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(NULL, &read, NULL, test1));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1378:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(NULL, &read, (unsigned char *)&data, 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1379:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(NULL, &read, (unsigned char *)&data, test1));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1403:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(&buf, &read, NULL, 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1408:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(&buf, &read, NULL, test1));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:1413:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
EXPECT_NO_THROW(dlt_buffer_read_block(&buf, &read, (unsigned char *)&data, 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3851:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EXPECT_LE(DLT_RETURN_OK, dlt_print_hex_string(text1, DLT_DAEMON_TEXTSIZE, (unsigned char *)test1, strlen(test1)));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3854:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *converted = (char *)malloc(strlen(test1) + 1);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3857:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (unsigned int i = 0; i < strlen(text1); i += 3) {
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3866:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
converted[strlen(test1)] = '\0';
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3873:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EXPECT_LE(DLT_RETURN_OK, dlt_print_hex_string(text2, DLT_DAEMON_TEXTSIZE, (unsigned char *)test2, strlen(test2)));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3876:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
converted = (char *)malloc(strlen(test2) + 1);
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3879:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (unsigned int i = 0; i < strlen(text2); i += 3) {
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3888:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
converted[strlen(test2)] = '\0';
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3959:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_mixed_string(text1, DLT_DAEMON_TEXTSIZE, (unsigned char *)test1, strlen(test1), 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3965:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_mixed_string(text2, DLT_DAEMON_TEXTSIZE, (unsigned char *)test2, strlen(test2), 1));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3971:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_mixed_string(text3, DLT_DAEMON_TEXTSIZE, (unsigned char *)test3, strlen(test3), 0));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:3977:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlt_print_mixed_string(text4, DLT_DAEMON_TEXTSIZE, (unsigned char *)test4, strlen(test4), 1));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4026:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EXPECT_LE(DLT_RETURN_OK, dlt_print_char_string(&ptr1, DLT_DAEMON_TEXTSIZE, (unsigned char *)test1, strlen(test1)));
data/dlt-daemon-2.18.5/tests/gtest_dlt_common.cpp:4033:104: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EXPECT_LE(DLT_RETURN_OK, dlt_print_char_string(&ptr2, DLT_DAEMON_TEXTSIZE, (unsigned char *)test2, strlen(test2)));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_common.cpp:258:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, apid, 4);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_event_handler.cpp:760:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)(read(newsockfd[i - 1], buffer, 255) + 1); /* just ignore result */
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:83:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(daemon_local.flags.gatewayConfigFile, "/tmp/dlt_gateway.conf", DLT_DAEMON_FLAG_MAX - 1);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:111:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(daemon_local.flags.gatewayConfigFile, "/tmp/dlt_gateway.conf", DLT_DAEMON_FLAG_MAX - 1);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:435:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(app_description) +
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:436:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(context_description);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:465:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_con = strlen(context_description);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:469:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg.databuffer + offset, context_description, strlen(context_description));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:470:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(context_description);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:472:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_app = strlen(app_description);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:476:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg.databuffer + offset, app_description, strlen(app_description));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:477:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(app_description);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_gateway.cpp:665:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(gatewayConfigFile, "/tmp/dlt_gateway.conf", DLT_DAEMON_FLAG_MAX - 1);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:476:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(handle.device_mount_point, "/tmp", DLT_MOUNT_PATH_MAX);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:496:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(handle.device_mount_point, "/tmp", DLT_MOUNT_PATH_MAX);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1450:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(daemon.storage_handle->device_mount_point, "/tmp", 5);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1478:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(daemon.storage_handle->device_mount_point, "/tmp", 5);
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1497:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)config.cache, data, sizeof(data));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1513:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)config.cache, data, sizeof(data));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1528:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)config.cache, data, sizeof(data));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1544:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)config.cache, data, sizeof(data));
data/dlt-daemon-2.18.5/tests/gtest_dlt_daemon_offline_log.cpp:1746:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)(read(newsockfd[i - 1], buffer, 255) + 1); /* just ignore result */
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1600:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1612:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1670:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1682:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1742:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1753:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1961:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:1984:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2140:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2155:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2208:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2231:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2291:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2302:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2364:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2367:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_2byte_character, strlen(utf8_2byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2367:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_2byte_character, strlen(utf8_2byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2379:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2445:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2448:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_2byte_character, strlen(utf8_2byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2448:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_2byte_character, strlen(utf8_2byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2460:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2522:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2535:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2597:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2600:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_3byte_character, strlen(utf8_3byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2600:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_3byte_character, strlen(utf8_3byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2612:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2678:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2681:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_3byte_character, strlen(utf8_3byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2681:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_3byte_character, strlen(utf8_3byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2693:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2755:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2768:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2830:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2833:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_4byte_character, strlen(utf8_4byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2833:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_4byte_character, strlen(utf8_4byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2845:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2911:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2914:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(message + index, utf8_4byte_character, strlen(utf8_4byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2914:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(message + index, utf8_4byte_character, strlen(utf8_4byte_character));
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2926:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + user_message_after_truncated_size, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2987:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_truncate_message_length = strlen(STR_TRUNCATED_MESSAGE) + 1;
data/dlt-daemon-2.18.5/tests/gtest_dlt_user.cpp:2996:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(expected_message + 1, STR_TRUNCATED_MESSAGE, str_truncate_message_length);
ANALYSIS SUMMARY:
Hits = 1832
Lines analyzed = 161149 in approximately 4.21 seconds (38311 lines/second)
Physical Source Lines of Code (SLOC) = 101264
Hits@level = [0] 1541 [1] 662 [2] 937 [3] 96 [4] 130 [5] 7
Hits@level+ = [0+] 3373 [1+] 1832 [2+] 1170 [3+] 233 [4+] 137 [5+] 7
Hits/KSLOC@level+ = [0+] 33.309 [1+] 18.0913 [2+] 11.554 [3+] 2.30092 [4+] 1.3529 [5+] 0.0691262
Dot directories skipped = 9 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.