Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dnprogs-2.65/apps/copynodes.c
Examining data/dnprogs-2.65/apps/cterm.h
Examining data/dnprogs-2.65/apps/ctermd.c
Examining data/dnprogs-2.65/apps/dnmount.c
Examining data/dnprogs-2.65/apps/dnping.c
Examining data/dnprogs-2.65/apps/rmtermd.c
Examining data/dnprogs-2.65/apps/sethost.c
Examining data/dnprogs-2.65/apps/startnet.c
Examining data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c
Examining data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c
Examining data/dnprogs-2.65/contrib/ph3-der-loewe/node.c
Examining data/dnprogs-2.65/dapfs/dapfs.c
Examining data/dnprogs-2.65/dapfs/dapfs.h
Examining data/dnprogs-2.65/dapfs/dapfs_dap.cc
Examining data/dnprogs-2.65/dapfs/dapfs_dap.h
Examining data/dnprogs-2.65/dapfs/filenames.c
Examining data/dnprogs-2.65/dapfs/filenames.h
Examining data/dnprogs-2.65/dapfs/kfifo.c
Examining data/dnprogs-2.65/dapfs/kfifo.h
Examining data/dnprogs-2.65/dncopy/dncopy.cc
Examining data/dnprogs-2.65/dncopy/dnetfile.cc
Examining data/dnprogs-2.65/dncopy/dnetfile.h
Examining data/dnprogs-2.65/dncopy/dnetfile_dap.cc
Examining data/dnprogs-2.65/dncopy/file.cc
Examining data/dnprogs-2.65/dncopy/file.h
Examining data/dnprogs-2.65/dncopy/unixfile.cc
Examining data/dnprogs-2.65/dncopy/unixfile.h
Examining data/dnprogs-2.65/dndel/dndel.cc
Examining data/dnprogs-2.65/dndir/dndir.cc
Examining data/dnprogs-2.65/dnetd/dnetd.c
Examining data/dnprogs-2.65/dnetd/task_server.c
Examining data/dnprogs-2.65/dnlogin/cterm.c
Examining data/dnprogs-2.65/dnlogin/dnlogin.c
Examining data/dnprogs-2.65/dnlogin/dnlogin.h
Examining data/dnprogs-2.65/dnlogin/found.c
Examining data/dnprogs-2.65/dnlogin/tty.c
Examining data/dnprogs-2.65/dnlogin/tty.h
Examining data/dnprogs-2.65/dnroute/csum.c
Examining data/dnprogs-2.65/dnroute/csum.h
Examining data/dnprogs-2.65/dnroute/dneigh.c
Examining data/dnprogs-2.65/dnroute/dnroute.h
Examining data/dnprogs-2.65/dnroute/dnrtlink.c
Examining data/dnprogs-2.65/dnroute/dnrtlink.h
Examining data/dnprogs-2.65/dnroute/get_neigh.c
Examining data/dnprogs-2.65/dnroute/hash.c
Examining data/dnprogs-2.65/dnroute/hash.h
Examining data/dnprogs-2.65/dnroute/netlink/include/SNAPSHOT.h
Examining data/dnprogs-2.65/dnroute/netlink/include/libnetlink.h
Examining data/dnprogs-2.65/dnroute/netlink/include/ll_map.h
Examining data/dnprogs-2.65/dnroute/netlink/include/rt_names.h
Examining data/dnprogs-2.65/dnroute/netlink/include/rtm_map.h
Examining data/dnprogs-2.65/dnroute/netlink/include/utils.h
Examining data/dnprogs-2.65/dnroute/netlink/libnetlink.c
Examining data/dnprogs-2.65/dnroute/netlink/ll_map.c
Examining data/dnprogs-2.65/dnroute/pidfile.c
Examining data/dnprogs-2.65/dnroute/routing_msg.c
Examining data/dnprogs-2.65/dnroute/send_route.c
Examining data/dnprogs-2.65/dnsubmit/dnsubmit.cc
Examining data/dnprogs-2.65/dntask/dntask.c
Examining data/dnprogs-2.65/fal/create.cc
Examining data/dnprogs-2.65/fal/create.h
Examining data/dnprogs-2.65/fal/directory.cc
Examining data/dnprogs-2.65/fal/directory.h
Examining data/dnprogs-2.65/fal/erase.cc
Examining data/dnprogs-2.65/fal/erase.h
Examining data/dnprogs-2.65/fal/fal.cc
Examining data/dnprogs-2.65/fal/open.cc
Examining data/dnprogs-2.65/fal/open.h
Examining data/dnprogs-2.65/fal/params.h
Examining data/dnprogs-2.65/fal/rename.cc
Examining data/dnprogs-2.65/fal/rename.h
Examining data/dnprogs-2.65/fal/server.cc
Examining data/dnprogs-2.65/fal/server.h
Examining data/dnprogs-2.65/fal/submit.cc
Examining data/dnprogs-2.65/fal/submit.h
Examining data/dnprogs-2.65/fal/task.cc
Examining data/dnprogs-2.65/fal/task.h
Examining data/dnprogs-2.65/include/dn_endian.h
Examining data/dnprogs-2.65/include/kernel/netdnet/dn.h
Examining data/dnprogs-2.65/include/netdnet/dn.h
Examining data/dnprogs-2.65/include/netdnet/dnetdb.h
Examining data/dnprogs-2.65/libdaemon/dnet_daemon.c
Examining data/dnprogs-2.65/libdaemon/dnet_priv_check.c
Examining data/dnprogs-2.65/libdaemon/dnetlog.c
Examining data/dnprogs-2.65/libdap/connection.cc
Examining data/dnprogs-2.65/libdap/connection.h
Examining data/dnprogs-2.65/libdap/logging.cc
Examining data/dnprogs-2.65/libdap/logging.h
Examining data/dnprogs-2.65/libdap/protocol.cc
Examining data/dnprogs-2.65/libdap/protocol.h
Examining data/dnprogs-2.65/libdap/vaxcrc.cc
Examining data/dnprogs-2.65/libdap/vaxcrc.h
Examining data/dnprogs-2.65/libdnet/cuserid.c
Examining data/dnprogs-2.65/libdnet/dnet_addr.c
Examining data/dnprogs-2.65/libdnet/dnet_conn.c
Examining data/dnprogs-2.65/libdnet/dnet_eof.c
Examining data/dnprogs-2.65/libdnet/dnet_getnode.c
Examining data/dnprogs-2.65/libdnet/dnet_htoa.c
Examining data/dnprogs-2.65/libdnet/dnet_ntoa.c
Examining data/dnprogs-2.65/libdnet/dnet_ntop.c
Examining data/dnprogs-2.65/libdnet/dnet_pton.c
Examining data/dnprogs-2.65/libdnet/dnet_recv.c
Examining data/dnprogs-2.65/libdnet/getexecdev.c
Examining data/dnprogs-2.65/libdnet/getnodeadd.c
Examining data/dnprogs-2.65/libdnet/getnodebyaddr.c
Examining data/dnprogs-2.65/libdnet/getnodebyname.c
Examining data/dnprogs-2.65/libdnet/getnodename.c
Examining data/dnprogs-2.65/libdnet/getobjectbyX.c
Examining data/dnprogs-2.65/libdnet/setnodeent.c
Examining data/dnprogs-2.65/libdnet/setnodename.c
Examining data/dnprogs-2.65/librms/close.cc
Examining data/dnprogs-2.65/librms/example.c
Examining data/dnprogs-2.65/librms/fabdef.h
Examining data/dnprogs-2.65/librms/getreply.cc
Examining data/dnprogs-2.65/librms/open.cc
Examining data/dnprogs-2.65/librms/parse.cc
Examining data/dnprogs-2.65/librms/rabdef.h
Examining data/dnprogs-2.65/librms/readwrite.cc
Examining data/dnprogs-2.65/librms/rms.h
Examining data/dnprogs-2.65/librms/rmsp.h
Examining data/dnprogs-2.65/librms/t_example.c
Examining data/dnprogs-2.65/libvaxdata/solaris/makefile.cc
Examining data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c
Examining data/dnprogs-2.65/libvaxdata/src/convert_vax_data.h
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_d8.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_d8_.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_g8.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_g8_.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_h16.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_h16_.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_i2.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_i2_.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_i4.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_i4_.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_r4.c
Examining data/dnprogs-2.65/libvaxdata/src/from_vax_r4_.c
Examining data/dnprogs-2.65/libvaxdata/src/is_little_endian.c
Examining data/dnprogs-2.65/libvaxdata/src/is_little_endian_.c
Examining data/dnprogs-2.65/libvaxdata/src/test.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_d8.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_d8_.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_g8.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_g8_.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_h16.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_h16_.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_i2.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_i2_.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_i4.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_i4_.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_r4.c
Examining data/dnprogs-2.65/libvaxdata/src/to_vax_r4_.c
Examining data/dnprogs-2.65/libvaxdata/tru64/makefile.cc
Examining data/dnprogs-2.65/mail/configfile.c
Examining data/dnprogs-2.65/mail/configfile.h
Examining data/dnprogs-2.65/mail/receive.c
Examining data/dnprogs-2.65/mail/receive.h
Examining data/dnprogs-2.65/mail/sendvmsmail.c
Examining data/dnprogs-2.65/mail/uulib/acconfig.h
Examining data/dnprogs-2.65/mail/uulib/config.h
Examining data/dnprogs-2.65/mail/uulib/fptools.c
Examining data/dnprogs-2.65/mail/uulib/fptools.h
Examining data/dnprogs-2.65/mail/uulib/uucheck.c
Examining data/dnprogs-2.65/mail/uulib/uudeview.h
Examining data/dnprogs-2.65/mail/uulib/uuencode.c
Examining data/dnprogs-2.65/mail/uulib/uuint.h
Examining data/dnprogs-2.65/mail/uulib/uulib.c
Examining data/dnprogs-2.65/mail/uulib/uunconc.c
Examining data/dnprogs-2.65/mail/uulib/uuscan.c
Examining data/dnprogs-2.65/mail/uulib/uustring.c
Examining data/dnprogs-2.65/mail/uulib/uustring.h
Examining data/dnprogs-2.65/mail/uulib/uuutil.c
Examining data/dnprogs-2.65/mail/vmsmaild.c
Examining data/dnprogs-2.65/multinet/multinet.c
Examining data/dnprogs-2.65/nml/main.c
Examining data/dnprogs-2.65/nml/nml.c
Examining data/dnprogs-2.65/phone/backend.c
Examining data/dnprogs-2.65/phone/backend.h
Examining data/dnprogs-2.65/phone/common.h
Examining data/dnprogs-2.65/phone/gtkphonesig.c
Examining data/dnprogs-2.65/phone/gtkphonesig.h
Examining data/dnprogs-2.65/phone/gtkphonesrc.c
Examining data/dnprogs-2.65/phone/gtkphonesrc.h
Examining data/dnprogs-2.65/phone/main.c
Examining data/dnprogs-2.65/phone/phone.h
Examining data/dnprogs-2.65/phone/phone_gtk.c
Examining data/dnprogs-2.65/phone/phone_gtk.h
Examining data/dnprogs-2.65/phone/phone_ncurses.c
Examining data/dnprogs-2.65/phone/phone_ncurses.h
Examining data/dnprogs-2.65/phone/phone_server.c
Examining data/dnprogs-2.65/phone/phone_server.h
Examining data/dnprogs-2.65/phone/phoned.c
Examining data/dnprogs-2.65/phone/phoned.h

FINAL RESULTS:

data/dnprogs-2.65/apps/ctermd.c:147:8: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  (void)chmod(line,0666);
data/dnprogs-2.65/apps/ctermd.c:148:8: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  (void)chown(line,0,0);
data/dnprogs-2.65/apps/ctermd.c:150:8: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  (void)chmod(line,0666);
data/dnprogs-2.65/apps/ctermd.c:151:8: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  (void)chown(line,0,0);
data/dnprogs-2.65/apps/rmtermd.c:98:8: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  (void)chmod(line,0666);
data/dnprogs-2.65/apps/rmtermd.c:99:8: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  (void)chown(line,0,0);
data/dnprogs-2.65/apps/rmtermd.c:101:8: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  (void)chmod(line,0666);
data/dnprogs-2.65/apps/rmtermd.c:102:8: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  (void)chown(line,0,0);
data/dnprogs-2.65/dnroute/get_neigh.c:1087:2: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(STATUS_SOCKET, 0660);
data/dnprogs-2.65/phone/phoned.c:281:5: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(SOCKETNAME, 0666);
data/dnprogs-2.65/apps/copynodes.c:70:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/apps/ctermd.c:372:2: [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execlp("/bin/login", "login", (char *)0);
data/dnprogs-2.65/apps/dnmount.c:195:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirname, fname+n0);
data/dnprogs-2.65/apps/dnmount.c:227:18: [4] (misc) cuserid:
  Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  local_user = cuserid(NULL);
data/dnprogs-2.65/apps/dnmount.c:234:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/apps/dnmount.c:328:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vms_mount_point,node);
data/dnprogs-2.65/apps/dnmount.c:330:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(vms_mount_point,dirname);
data/dnprogs-2.65/apps/dnmount.c:457:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data.mounted_dir,dirname);
data/dnprogs-2.65/apps/dnping.c:88:24: [4] (misc) cuserid:
  Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  char *local_user = cuserid(NULL);
data/dnprogs-2.65/apps/dnping.c:107:13: [4] (misc) getpass:
  This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  password = getpass("Password: ");
data/dnprogs-2.65/apps/rmtermd.c:266:2: [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execlp("/bin/login","login",(char *)0);
data/dnprogs-2.65/apps/sethost.c:524:19: [4] (misc) cuserid:
  Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  local_user = cuserid(NULL);
data/dnprogs-2.65/apps/sethost.c:531:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/apps/startnet.c:96:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(address, dnet_ntoa(binadr));
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:77:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ne->n_name);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:87:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf, object_name(object));
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:154:9: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20).
  Specify a limit to %s, or use a different input function.
  while (fscanf(fh, "%s %04d:%04d %04d:%04d %01d %16s"
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:189:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(out, "decnet %-24s %-24s %-3s %-13s %s", lbuf, rbuf, dir, state_ktou(state, &dir), immed);
data/dnprogs-2.65/dapfs/dapfs.c:144:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(vername, "%s;*", path);
data/dnprogs-2.65/dapfs/dapfs.c:183:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "REMOVE %s.DIR;1", vmsname);
data/dnprogs-2.65/dapfs/dapfs.c:188:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(dirname, "%s.DIR;1", path);
data/dnprogs-2.65/dapfs/dapfs.c:212:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "%s%s", prefix, vmsname);
data/dnprogs-2.65/dapfs/dapfs.c:267:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "CREATE %s", vmsname);
data/dnprogs-2.65/dapfs/dapfs.c:318:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "%s%s", prefix, vmsname);
data/dnprogs-2.65/dapfs/dapfs.c:346:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "%s%s", prefix, vmsname);
data/dnprogs-2.65/dapfs/dapfs.c:570:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(dirname, "%s.dir", path);
data/dnprogs-2.65/dapfs/dapfs.c:644:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(prefix, "%s\"%s %s\"", prefix, username, password);
data/dnprogs-2.65/dapfs/dapfs.c:698:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prefix, argv[1]);
data/dnprogs-2.65/dapfs/dapfs.c:701:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mountdir, argv[2]);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:92:21: [4] (misc) cuserid:
  Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  char *local_user = cuserid(NULL);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:99:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:293:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wildname, "%s*.*", path);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:297:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(wildname, path);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:355:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volname, nm->get_namespec());
data/dnprogs-2.65/dapfs/dapfs_dap.cc:360:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, nm->get_namespec());
data/dnprogs-2.65/dapfs/dapfs_dap.cc:480:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirname, from);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:499:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(setprot, "SETPROT %s O:RWED", vmsfrom);
data/dnprogs-2.65/dapfs/filenames.c:65:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fullname, unixname);
data/dnprogs-2.65/dapfs/filenames.c:90:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(vmsname, "%s", unixname+1);
data/dnprogs-2.65/dapfs/filenames.c:134:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volume, file);
data/dnprogs-2.65/dapfs/filenames.c:151:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(directory, ptr);
data/dnprogs-2.65/dapfs/filenames.c:173:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, vmsname);
data/dnprogs-2.65/dapfs/filenames.c:203:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(unixname, volume);
data/dnprogs-2.65/dapfs/filenames.c:251:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(unixname, file);
data/dnprogs-2.65/dapfs/filenames.c:266:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirname, unixname);
data/dnprogs-2.65/dncopy/dncopy.cc:415:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(arglist, env);
data/dnprogs-2.65/dncopy/dncopy.cc:428:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(arglist, env);
data/dnprogs-2.65/dncopy/dncopy.cc:437:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pargv[count], ptr);
data/dnprogs-2.65/dncopy/dncopy.cc:545:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(protection, optarg);
data/dnprogs-2.65/dncopy/dncopy.cc:546:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(protection, optarg);
data/dnprogs-2.65/dncopy/dnetfile.cc:49:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, n);
data/dnprogs-2.65/dncopy/dnetfile.cc:50:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, n);
data/dnprogs-2.65/dncopy/dnetfile.cc:96:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(user, (char *)accessdata.acc_user);
data/dnprogs-2.65/dncopy/dnetfile.cc:97:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(password, (char *)accessdata.acc_pass);
data/dnprogs-2.65/dncopy/dnetfile.cc:110:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filname, name);
data/dnprogs-2.65/dncopy/dnetfile.cc:119:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filname, name);
data/dnprogs-2.65/dncopy/dnetfile.cc:120:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filname, filename);
data/dnprogs-2.65/dncopy/dnetfile.cc:183:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, filname);
data/dnprogs-2.65/dncopy/dnetfile.cc:292:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, filname);
data/dnprogs-2.65/dncopy/dnetfile.cc:348:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(basename, start+1);
data/dnprogs-2.65/dncopy/dnetfile.cc:370:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pname, node);
data/dnprogs-2.65/dncopy/dnetfile.cc:374:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(pname, user);
data/dnprogs-2.65/dncopy/dnetfile.cc:379:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(pname, volname);
data/dnprogs-2.65/dncopy/dnetfile.cc:383:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(pname, filename);
data/dnprogs-2.65/dncopy/dnetfile.cc:387:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(pname, dirname);
data/dnprogs-2.65/dncopy/dnetfile.cc:388:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(pname, filname);
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:121:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sentname, filname); // Save in case of error
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:135:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volname, nm->get_namespec());
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:139:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirname, nm->get_namespec());
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:143:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filname, nm->get_namespec());
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:147:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filname, nm->get_namespec());
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:289:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "Wrong block type (%s) received", m->type_name());
data/dnprogs-2.65/dncopy/unixfile.cc:46:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(printname, filename);
data/dnprogs-2.65/dncopy/unixfile.cc:59:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(printname, filename);
data/dnprogs-2.65/dncopy/unixfile.cc:61:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(printname, basename);
data/dnprogs-2.65/dncopy/unixfile.cc:213:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpname, this->filename);
data/dnprogs-2.65/dncopy/unixfile.cc:215:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(tmpname, filename);
data/dnprogs-2.65/dncopy/unixfile.cc:283:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, name);
data/dnprogs-2.65/dndel/dndel.cc:157:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volume, nm->get_namespec());
data/dnprogs-2.65/dndel/dndel.cc:161:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir, nm->get_namespec());
data/dnprogs-2.65/dndel/dndel.cc:165:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name, "%s%s%s", volume, dir, nm->get_namespec());
data/dnprogs-2.65/dndel/dndel.cc:174:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, nm->get_namespec());
data/dnprogs-2.65/dndir/dndir.cc:312:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volname, nm->get_namespec());
data/dnprogs-2.65/dndir/dndir.cc:329:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, nm->get_namespec());
data/dnprogs-2.65/dndir/dndir.cc:338:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(owner, pm->get_owner());
data/dnprogs-2.65/dndir/dndir.cc:339:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prot, pm->get_protection());
data/dnprogs-2.65/dndir/dndir.cc:356:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cdt, dm->make_y2k(dm->get_cdt()));
data/dnprogs-2.65/dndir/dndir.cc:754:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prot, protect_msg->get_protection()+1);
data/dnprogs-2.65/dnetd/dnetd.c:112:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, binary_dir);
data/dnprogs-2.65/dnetd/dnetd.c:114:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(name, daemon_name);
data/dnprogs-2.65/dnetd/dnetd.c:123:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, daemon_name);
data/dnprogs-2.65/dnetd/dnetd.c:127:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp(name, argv);
data/dnprogs-2.65/dnetd/dnetd.c:170:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(binary_dir, BINARY_PREFIX);
data/dnprogs-2.65/dnetd/dnetd.c:217:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(binary_dir, optarg);
data/dnprogs-2.65/dnetd/task_server.c:110:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tryname, taskdir);
data/dnprogs-2.65/dnetd/task_server.c:112:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(tryname, name);
data/dnprogs-2.65/dnetd/task_server.c:122:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(tryname, name);
data/dnprogs-2.65/dnlogin/dnlogin.h:86:55: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUGLOG(subsys, args...)
  if (debug & subsys) fprintf(stderr, args)
data/dnprogs-2.65/dnlogin/found.c:273:15: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  local_user = cuserid(NULL);
data/dnprogs-2.65/dnlogin/found.c:280:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/dnroute/dneigh.c:95:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ifr.ifr_name, dev);
data/dnprogs-2.65/dnroute/dneigh.c:138:9: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  while (fscanf(fh, "%s %s %02d %02d %07d %s\n",
data/dnprogs-2.65/dnroute/get_neigh.c:110:52: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define debuglog(fmt, args...) do { if (debugging) fprintf(stderr, fmt, ## args); } while (0)
data/dnprogs-2.65/dnroute/get_neigh.c:1103:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sockaddr.sun_path, STATUS_SOCKET);
data/dnprogs-2.65/dnroute/netlink/ll_map.c:84:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(im->name, RTA_DATA(tb[IFLA_IFNAME]));
data/dnprogs-2.65/dnroute/netlink/ll_map.c:149:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ncache, name);
data/dnprogs-2.65/dnroute/routing_msg.c:51:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, ifr.ifr_name);
data/dnprogs-2.65/dnroute/routing_msg.c:70:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ifr.ifr_name, name);
data/dnprogs-2.65/dntask/dntask.c:423:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, fname+n0);
data/dnprogs-2.65/dntask/dntask.c:441:18: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120).
Use getpwuid(geteuid()) and extract the desired information instead.
  local_user = cuserid(NULL);
data/dnprogs-2.65/dntask/dntask.c:449:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/dntask/dntask.c:463:19: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  char *password = getpass("Password: ");
data/dnprogs-2.65/dntask/dntask.c:469:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(accessdata.acc_pass, password);
data/dnprogs-2.65/fal/directory.cc:88:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filespec, am->get_filespec());
data/dnprogs-2.65/fal/directory.cc:184:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir_path, gl.gl_pathv[pathno]);
data/dnprogs-2.65/fal/directory.cc:202:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(last_path, dir_path);
data/dnprogs-2.65/fal/directory.cc:295:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(publicname, path);
data/dnprogs-2.65/fal/erase.cc:77:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(unixname, am->get_filespec());
data/dnprogs-2.65/fal/fal.cc:114:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p.vroot, optarg);
data/dnprogs-2.65/fal/open.cc:103:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filespec, am->get_filespec());
data/dnprogs-2.65/fal/open.cc:607:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(cmd, PRINT_COMMAND, gl.gl_pathv[glob_entry]);
data/dnprogs-2.65/fal/open.cc:609:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int status = system(cmd);
data/dnprogs-2.65/fal/open.cc:682:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(unixname, filespec);
data/dnprogs-2.65/fal/rename.cc:72:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(oldname, am->get_filespec());
data/dnprogs-2.65/fal/rename.cc:99:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newname, nm->get_namespec());
data/dnprogs-2.65/fal/submit.cc:82:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(unixname, am->get_filespec());
data/dnprogs-2.65/fal/submit.cc:131:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(cmd, SUBMIT_COMMAND, gl.gl_pathv[pathno]);
data/dnprogs-2.65/fal/submit.cc:132:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  status = system(cmd);
data/dnprogs-2.65/fal/task.cc:178:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, unixname);
data/dnprogs-2.65/fal/task.cc:248:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vmsname, &fullname[i+2]);
data/dnprogs-2.65/fal/task.cc:278:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(vmsname, "%s:[000000]%s", sysdisk_name, fullname+1);
data/dnprogs-2.65/fal/task.cc:289:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vmsname, sysdisk_name);
data/dnprogs-2.65/fal/task.cc:291:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(vmsname, fullname+1);
data/dnprogs-2.65/fal/task.cc:293:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(vmsname, second_slash+1);
data/dnprogs-2.65/fal/task.cc:302:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(vmsname, fullname+1);
data/dnprogs-2.65/fal/task.cc:314:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(vmsname, lastslash+1);
data/dnprogs-2.65/fal/task.cc:320:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(vmsname, lastslash+1);
data/dnprogs-2.65/fal/task.cc:337:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(volume, file);
data/dnprogs-2.65/fal/task.cc:354:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(directory, ptr);
data/dnprogs-2.65/fal/task.cc:376:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, vmsname);
data/dnprogs-2.65/fal/task.cc:406:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(unixname, volume);
data/dnprogs-2.65/fal/task.cc:463:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(unixname, file);
data/dnprogs-2.65/fal/task.cc:478:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dirname, unixname);
data/dnprogs-2.65/fal/task.cc:900:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(adfname, endpath+1);
data/dnprogs-2.65/fal/task.cc:936:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(metafile, METAFILE_DIR);
data/dnprogs-2.65/fal/task.cc:948:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(metafile, endpath);
data/dnprogs-2.65/fal/task.h:95:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ext, _ext);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:214:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_proxy->node, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:215:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_proxy->remuser, colons+2);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:216:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_proxy->localuser, local);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:302:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(localuser, remoteuser);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:306:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(localuser, p->localuser);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:391:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(nodename, dnet_htoa(&sockaddr.sdn_add));
data/dnprogs-2.65/libdaemon/dnet_daemon.c:485:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(username, thisobj->user);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:545:18: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  cryptpass = crypt(password, spw->sp_pwdp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:551:15: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  cryptpass = crypt(password, spw->sp_pwdp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:566:19: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  cryptpass = crypt(password, pw->pw_passwd);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:571:15: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327).
Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  cryptpass = crypt(password, pw->pw_passwd);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:685:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newobj->name, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:688:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpbuf, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:719:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newobj->user, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:722:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newobj->daemon, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:727:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(newobj->daemon, bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:792:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)bind_sockaddr.sdn_objname, object);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:992:8: [4] (race) access: This usually indicates a security flaw.
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if ( access(DENY_FILE, F_OK) == 0 ) {
data/dnprogs-2.65/libdaemon/dnetlog.c:59:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/dnprogs-2.65/libdaemon/dnetlog.c:79:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(outbuf, fmt, ap);
data/dnprogs-2.65/libdap/connection.cc:127:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "setsockopt (SNDBUF) failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:133:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "setsockopt (RCVBUF) failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:145:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "socket failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:259:13: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want.
If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space.
  password = getpass("Password: ");
data/dnprogs-2.65/libdap/connection.cc:278:24: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead.
  char *local_user = cuserid(NULL);
data/dnprogs-2.65/libdap/connection.cc:286:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *)accessdata.acc_acc, local_user);
data/dnprogs-2.65/libdap/connection.cc:300:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "setsockopt (CONACCESS) failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:317:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "connect failed: %s", connerror(strerror(errno)));
data/dnprogs-2.65/libdap/connection.cc:321:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "connect failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:365:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "read failed: %s", connerror(strerror(saved_errno)));
data/dnprogs-2.65/libdap/connection.cc:369:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "DAP read error: %s", strerror(saved_errno));
data/dnprogs-2.65/libdap/connection.cc:433:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "write failed: %s", connerror(strerror(errno)));
data/dnprogs-2.65/libdap/connection.cc:435:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "DAP write error: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:456:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "write failed: %s", connerror(strerror(errno)));
data/dnprogs-2.65/libdap/connection.cc:458:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "DAP write error: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:550:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "read failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:604:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "listen failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:615:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "accept failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:643:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "bind failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:673:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "bind failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:697:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "bind failed: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:757:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "write failed: %s", connerror(strerror(errno)));
data/dnprogs-2.65/libdap/connection.cc:759:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "DAP write error: %s", strerror(errno));
data/dnprogs-2.65/libdap/connection.cc:897:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filespec, fname+n0);
data/dnprogs-2.65/libdap/connection.cc:951:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstring, "%s: %s", txt, strerror(errno));
data/dnprogs-2.65/libdap/logging.cc:59:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/dnprogs-2.65/libdap/logging.cc:79:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(outbuf, fmt, ap);
data/dnprogs-2.65/libdap/protocol.cc:122:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy((char *)value, newval); data/dnprogs-2.65/libdap/protocol.cc:284:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char *)value, s); data/dnprogs-2.65/libdap/protocol.cc:2085:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(y2kdate, dt); data/dnprogs-2.65/libdap/protocol.cc:2113:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(y2kdate, yearstr); data/dnprogs-2.65/libdap/protocol.cc:2114:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(y2kdate, dt+timepos+2); data/dnprogs-2.65/libdap/protocol.cc:2283:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ownuid, "[%s,%s]",gr->gr_name, pw->pw_name); data/dnprogs-2.65/libdnet/cuserid.c:23:7: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead. 
char *cuserid(char *string) { data/dnprogs-2.65/libdnet/dnet_addr.c:50:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/libdnet/dnet_conn.c:108:17: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead. char *tname = cuserid(NULL); data/dnprogs-2.65/libdnet/dnet_conn.c:165:23: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. struct accessdata_dn access; data/dnprogs-2.65/libdnet/dnet_conn.c:183:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. memset(&access, 0, sizeof(struct accessdata_dn)); data/dnprogs-2.65/libdnet/dnet_conn.c:185:31: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (parse_host(host, hname, &access) < 0) data/dnprogs-2.65/libdnet/dnet_conn.c:232:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access.acc_accl || access.acc_passl || access.acc_userl) { data/dnprogs-2.65/libdnet/dnet_conn.c:232:25: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access.acc_accl || access.acc_passl || access.acc_userl) { data/dnprogs-2.65/libdnet/dnet_conn.c:232:45: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access.acc_accl || access.acc_passl || access.acc_userl) { data/dnprogs-2.65/libdnet/dnet_conn.c:233:50: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). 
Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (setsockopt(s, DNPROTO_NSP, DSO_CONACCESS, &access, sizeof(access)) < 0) data/dnprogs-2.65/libdnet/dnet_conn.c:233:65: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (setsockopt(s, DNPROTO_NSP, DSO_CONACCESS, &access, sizeof(access)) < 0) data/dnprogs-2.65/libdnet/dnet_getnode.c:64:6: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(line,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename) != 4) goto getloop; data/dnprogs-2.65/libdnet/dnet_getnode.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gs->node, nodename); data/dnprogs-2.65/libdnet/dnet_htoa.c:45:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/libdnet/getexecdev.c:44:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s%s%s\n",nodetag,nodeadr,nametag, data/dnprogs-2.65/libdnet/getnodeadd.c:44:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). 
Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/libdnet/getnodebyaddr.c:85:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/libdnet/getnodebyname.c:58:37: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if ( (search_len = sscanf(nodetag, "search %s%s%s\n", search[0], search[0], search[3])) ) data/dnprogs-2.65/libdnet/getnodebyname.c:78:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nodename, "%s.%s", name, search[i]); data/dnprogs-2.65/libdnet/getnodebyname.c:119:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/libdnet/getnodename.c:42:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(nodeln,"%s%s%s%s\n",nodetag,nodeadr,nametag,nodename); data/dnprogs-2.65/librms/open.cc:79:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(user, (char *)accessdata.acc_user); data/dnprogs-2.65/librms/open.cc:80:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(password, (char *)accessdata.acc_pass); data/dnprogs-2.65/librms/parse.cc:185:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, charval); data/dnprogs-2.65/librms/parse.cc:260:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rc->key, string); data/dnprogs-2.65/librms/readwrite.cc:147:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(err, "got unexpected DAP message: %s\n", m->type_name()); data/dnprogs-2.65/mail/configfile.c:56:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(config_hostname, eq+1); data/dnprogs-2.65/mail/configfile.c:58:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(config_vmsmailuser, eq+1); data/dnprogs-2.65/mail/configfile.c:60:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(config_smtphost, eq+1); data/dnprogs-2.65/mail/receive.c:149:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(remote_hostname, dnet_htoa(&sockaddr.sdn_add)); data/dnprogs-2.65/mail/receive.c:189:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(addressees, local_user); data/dnprogs-2.65/mail/receive.c:398:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s '%s'" , SENDMAIL_COMMAND, addressees); data/dnprogs-2.65/mail/receive.c:399:16: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. mailpipe = popen(buf, "w"); data/dnprogs-2.65/mail/receive.c:445:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(response, strerror(errno)); data/dnprogs-2.65/mail/sendvmsmail.c:74:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(err, "Error sending to VMS system: %s\n", strerror(errno)); data/dnprogs-2.65/mail/sendvmsmail.c:106:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*subject, input_line+9+strspn(input_line+9, " ")); data/dnprogs-2.65/mail/sendvmsmail.c:114:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(*from, "\"%s\"", input_line+6+strspn(input_line+6, " ")); data/dnprogs-2.65/mail/sendvmsmail.c:117:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*real_from, input_line+6+strspn(input_line+6, " ")); data/dnprogs-2.65/mail/sendvmsmail.c:125:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(*from, "%s::\"%s\"", config_hostname, data/dnprogs-2.65/mail/sendvmsmail.c:129:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*real_from, input_line+6+strspn(input_line+6, " ")); data/dnprogs-2.65/mail/sendvmsmail.c:154:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*to, ptr); data/dnprogs-2.65/mail/sendvmsmail.c:185:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*to, ptr); data/dnprogs-2.65/mail/sendvmsmail.c:227:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s", SENDMAIL_COMMAND); data/dnprogs-2.65/mail/sendvmsmail.c:228:16: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. mailpipe = popen(buf, "w"); data/dnprogs-2.65/mail/sendvmsmail.c:281:18: [4] (misc) cuserid: Exactly what cuserid() does is poorly defined (e.g., some systems use the effective uid, like Linux, while others like System V use the real uid). Thus, you can't trust what it does. It's certainly not portable (The cuserid function was included in the 1988 version of POSIX, but removed from the 1990 version). 
Also, if passed a non-null parameter, there's a risk of a buffer overflow if the passed-in buffer is not at least L_cuserid characters long (CWE-120). Use getpwuid(geteuid()) and extract the desired information instead. local_user = cuserid(NULL); data/dnprogs-2.65/mail/sendvmsmail.c:288:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char *)accessdata.acc_acc, local_user); data/dnprogs-2.65/mail/sendvmsmail.c:336:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(err, "Cannot connect to VMS system: %s\n", strerror(errno)); data/dnprogs-2.65/mail/uulib/fptools.c:97:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (result, string); data/dnprogs-2.65/mail/uulib/uucheck.c:749:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s.%03d", nofname, ++nofnum); data/dnprogs-2.65/mail/uulib/uucheck.c:782:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s.%03d", nofname, ++nofnum); data/dnprogs-2.65/mail/uulib/uucheck.c:836:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s.%03d", nofname, ++nofnum); data/dnprogs-2.65/mail/uulib/uucheck.c:1440:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (uucheck_tempname, "%s.%03d", nofname, ++nofnum); data/dnprogs-2.65/mail/uulib/uuencode.c:798:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (oname, "%s", diskname); data/dnprogs-2.65/mail/uulib/uuencode.c:809:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (oname, "%s%s", (uusavepath)?uusavepath:"", diskname); data/dnprogs-2.65/mail/uulib/uuencode.c:823:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (oname, "%s%s", data/dnprogs-2.65/mail/uulib/uuencode.c:901:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (optr, uuencodeext); data/dnprogs-2.65/mail/uulib/uuencode.c:1046:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subline, "%s (001/001) - [ %s ]", subject, oname); data/dnprogs-2.65/mail/uulib/uuencode.c:1048:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subline, "[ %s ] (001/001)", oname); data/dnprogs-2.65/mail/uulib/uuencode.c:1174:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (mimeid, "UUDV-%ld.%ld.%s", data/dnprogs-2.65/mail/uulib/uuencode.c:1187:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subline, "%s (%03d/%03d) - [ %s ]", data/dnprogs-2.65/mail/uulib/uuencode.c:1190:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subline, "[ %s ] (%03d/%03d)", data/dnprogs-2.65/mail/uulib/uulib.c:284:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (uulib_msgstring, "%s(%d): %s", file, line, msgnames[level]); data/dnprogs-2.65/mail/uulib/uulib.c:288:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (uulib_msgstring, "%s", msgnames[level]); data/dnprogs-2.65/mail/uulib/uulib.c:293:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf (msgptr, format, ap); data/dnprogs-2.65/mail/uulib/uulib.c:893:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (uugen_fnbuffer, destname); data/dnprogs-2.65/mail/uulib/uulib.c:895:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (uugen_fnbuffer, "%s%s", data/dnprogs-2.65/mail/uulib/uunconc.c:648:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (uuncdl_fulline+leftover, s); data/dnprogs-2.65/mail/uulib/uunconc.c:678:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (uuncdl_fulline+leftover, s); data/dnprogs-2.65/mail/vmsmaild.c:112:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(config_vmsmailuser, optarg); data/dnprogs-2.65/multinet/multinet.c:493:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "/sbin/ifconfig %s hw ether AA:00:04:00:%02X:%02X allmulti mtu %d up\n", data/dnprogs-2.65/multinet/multinet.c:495:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/dnprogs-2.65/multinet/multinet.c:502:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "/proc/sys/net/decnet/conf/%s/forwarding", ifr.ifr_name); data/dnprogs-2.65/multinet/multinet.c:514:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "/proc/sys/net/decnet/conf/%s/priority", ifr.ifr_name); data/dnprogs-2.65/multinet/multinet.c:526:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "/proc/sys/net/decnet/conf/%s/t3", ifr.ifr_name); data/dnprogs-2.65/nml/nml.c:122:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, ifr.ifr_name); data/dnprogs-2.65/nml/nml.c:158:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf, "%s %s %s %s %s %s %s %s %s ethernet %s\n", data/dnprogs-2.65/nml/nml.c:212:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&buf[ptr], device); data/dnprogs-2.65/nml/nml.c:262:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(&buf[ptr], rn->n_name); data/dnprogs-2.65/nml/nml.c:289:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ident, "%s V%s on %s", IDENT_STRING, un.release, un.machine); data/dnprogs-2.65/nml/nml.c:296:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&buf[ptr], ident); data/dnprogs-2.65/nml/nml.c:463:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(buf, "%s %s %s %s %s %s %s %s %s %s %s\n", data/dnprogs-2.65/nml/nml.c:550:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newobj->name, bufp); data/dnprogs-2.65/nml/nml.c:553:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpbuf, bufp); data/dnprogs-2.65/nml/nml.c:566:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpbuf, bufp); data/dnprogs-2.65/nml/nml.c:570:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newobj->user, bufp); data/dnprogs-2.65/nml/nml.c:573:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(newobj->daemon, bufp); data/dnprogs-2.65/nml/nml.c:578:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newobj->daemon, bufp); data/dnprogs-2.65/nml/nml.c:638:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&buf[ptr], obj->name); data/dnprogs-2.65/nml/nml.c:651:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&buf[ptr], obj->daemon); data/dnprogs-2.65/nml/nml.c:660:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&buf[ptr], obj->user); data/dnprogs-2.65/nml/nml.c:706:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(inbuf, "%s %s %s %s %s %s %s %s %s %s %s\n", data/dnprogs-2.65/phone/backend.c:67:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(local_name, "%s::%s", dnet_htoa(addr), getenv("LOGNAME")); data/dnprogs-2.65/phone/backend.c:91:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(local_name, "%s", dnet_htoa(addr)); data/dnprogs-2.65/phone/backend.c:118:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(sockaddr.sun_path, SOCKETNAME); data/dnprogs-2.65/phone/backend.c:333:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outbuf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:334:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outbuf+strlen(outbuf)+1, fds[i].remote_name); data/dnprogs-2.65/phone/backend.c:351:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outbuf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:410:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msgbuf, "%s just hung up the phone.", remote_name); data/dnprogs-2.65/phone/backend.c:428:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, "\007%s is phoning you on %s:: (%s)", buf+1, get_local_node(), d); data/dnprogs-2.65/phone/backend.c:542:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:578:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:594:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:612:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:642:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:690:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(node, np->n_name); data/dnprogs-2.65/phone/backend.c:710:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Ringing %s... (Press any key to cancel call and continue.)", colons+2); data/dnprogs-2.65/phone/backend.c:720:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(node, np2->n_name); data/dnprogs-2.65/phone/backend.c:733:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg+1, get_local_name()); data/dnprogs-2.65/phone/backend.c:734:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(msg+strlen(msg)+1, newuser); data/dnprogs-2.65/phone/backend.c:767:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dial_user, remuser); data/dnprogs-2.65/phone/backend.c:895:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Directory of %s::", node); data/dnprogs-2.65/phone/backend.c:914:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%d person%s listed.", num_users, num_users==1?"":"s"); data/dnprogs-2.65/phone/gtkphonesig.c:255:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "dial %s::%s", nodename, username); data/dnprogs-2.65/phone/gtkphonesig.c:273:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "dir %s", nodename); data/dnprogs-2.65/phone/gtkphonesig.c:295:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "fac %s", file); data/dnprogs-2.65/phone/gtkphonesrc.c:96:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (full_filename, directory); data/dnprogs-2.65/phone/gtkphonesrc.c:97:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (full_filename, G_DIR_SEPARATOR_S); data/dnprogs-2.65/phone/gtkphonesrc.c:98:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (full_filename, filename); data/dnprogs-2.65/phone/gtkphonesrc.c:651:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(node, nodename); data/dnprogs-2.65/phone/gtkphonesrc.c:763:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(node, nodename); data/dnprogs-2.65/phone/phone_gtk.c:87:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(userinfo[0].name, get_local_name()); data/dnprogs-2.65/phone/phone_gtk.c:193:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(userinfo[num_users].name, name); data/dnprogs-2.65/phone/phone_gtk.c:362:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(title, userinfo[win].name); data/dnprogs-2.65/phone/phone_gtk.c:366:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(title, "(YOU HAVE HELD) %s", userinfo[win].name); data/dnprogs-2.65/phone/phone_gtk.c:368:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(title, "%s (HAS YOU HELD)", userinfo[win].name); data/dnprogs-2.65/phone/phone_ncurses.c:457:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(userinfo[num].name, name); data/dnprogs-2.65/phone/phone_ncurses.c:516:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(userinfo[num_users].name, name); data/dnprogs-2.65/phone/phone_server.c:74:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(local_name, "%s", dnet_htoa(addr)); data/dnprogs-2.65/phone/phone_server.c:157:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, "\n\7%s is phoning you on %s:: (%s)\n", data/dnprogs-2.65/phone/phone_server.c:160:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(devname, "/dev/%s", realut->ut_line); data/dnprogs-2.65/phone/phone_server.c:300:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(devname, "/dev/%s", realut->ut_line); data/dnprogs-2.65/phone/phone_server.c:307:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message, "%-15s %-12s %-12s %s", cmdline, realut->ut_user, realut->ut_line, avail); data/dnprogs-2.65/phone/phone_server.c:438:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fdarray[entry].remote_user, &buf[1]); data/dnprogs-2.65/phone/phone_server.c:439:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fdarray[entry].local_user, buf+strlen(buf)+1); data/dnprogs-2.65/phone/phoned.c:273:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sockaddr.sun_path, SOCKETNAME); data/dnprogs-2.65/apps/copynodes.c:67:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/apps/ctermd.c:399:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVdhl:")) != EOF) data/dnprogs-2.65/apps/dnmount.c:229:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/apps/dnmount.c:230:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/apps/dnmount.c:386:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ( (opt=getopt(argc,argv,"?hu:g:")) != EOF) data/dnprogs-2.65/apps/dnping.c:123:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/apps/dnping.c:134:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("USER"); data/dnprogs-2.65/apps/dnping.c:198:18: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "c:di:qs:u:p:w:vt")) != EOF) data/dnprogs-2.65/apps/rmtermd.c:293:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVdhl:")) != EOF) data/dnprogs-2.65/apps/sethost.c:526:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
local_user = getenv("LOGNAME"); data/dnprogs-2.65/apps/sethost.c:527:36: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/apps/sethost.c:1795:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?Vhdte:")) != EOF) data/dnprogs-2.65/dapfs/dapfs_dap.cc:94:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/dapfs/dapfs_dap.cc:96:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/dncopy/dncopy.cc:86:42: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. get_env_as_args(&env_argv, env_argc, getenv("DNCOPY_OPTIONS")); data/dnprogs-2.65/dncopy/dncopy.cc:455:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((opt=getopt(argc,argv,"?Vvhdr:a:b:kislm:p:PDET:")) != EOF) data/dnprogs-2.65/dncopy/unixfile.cc:204:5: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. realpath(printname, realname); data/dnprogs-2.65/dncopy/unixfile.cc:217:5: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. realpath(tmpname, realname); data/dnprogs-2.65/dndel/dndel.cc:237:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?hvViT:")) != EOF) data/dnprogs-2.65/dndir/dndir.cc:148:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?hvVvcepndlostbw:f:T:")) != EOF) data/dnprogs-2.65/dnetd/dnetd.c:177:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVhp:sdl:")) != EOF) data/dnprogs-2.65/dnetd/task_server.c:107:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. taskdir = getenv("DNTASKDIR"); data/dnprogs-2.65/dnlogin/dnlogin.c:131:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc, argv, "?Vhd:te:T:")) != EOF) data/dnprogs-2.65/dnlogin/found.c:275:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/dnlogin/found.c:277:32: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/dnroute/get_neigh.c:1001:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?VvhrdDnt:2")) != EOF) data/dnprogs-2.65/dnsubmit/dnsubmit.cc:145:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?hvVT:")) != EOF) data/dnprogs-2.65/dntask/dntask.c:243:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((opt=getopt(argc,argv,"?hVibt:T:")) != EOF) data/dnprogs-2.65/dntask/dntask.c:443:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/dntask/dntask.c:444:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/fal/fal.cc:81:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVhdmtul:a:f:r:")) != EOF) data/dnprogs-2.65/fal/fal.cc:151:6: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. realpath(optarg, p.auto_file); data/dnprogs-2.65/fal/server.cc:70:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("FAL_CHILD_DEBUG")) sleep(100000); data/dnprogs-2.65/fal/task.cc:214:5: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). 
Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. realpath(unixname, fullname); data/dnprogs-2.65/libdap/connection.cc:281:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/libdap/connection.cc:283:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/libdnet/cuserid.c:28:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return getenv("USER"); data/dnprogs-2.65/libdnet/getobjectbyX.c:73:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ( (_dnet_objhinum_string = getenv(DNOBJ_HINUM_ENV)) == NULL ) data/dnprogs-2.65/libdnet/getobjectbyX.c:117:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ( (search_order = getenv(DNOBJ_SEARCH_ENV)) == NULL ) data/dnprogs-2.65/libdnet/getobjectbyX.c:151:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ( (search_order = getenv(DNOBJ_SEARCH_ENV)) == NULL ) data/dnprogs-2.65/librms/open.cc:61:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LIBRMS_VERBOSE")) data/dnprogs-2.65/librms/open.cc:63:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. verbose = atoi(getenv("LIBRMS_VERBOSE")); data/dnprogs-2.65/mail/sendvmsmail.c:283:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. local_user = getenv("LOGNAME"); data/dnprogs-2.65/mail/sendvmsmail.c:284:35: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (!local_user) local_user = getenv("USER"); data/dnprogs-2.65/mail/uulib/acconfig.h:42:8: [3] (tmpfile) tempnam: Temporary file race condition (CWE-377). 
#undef tempnam data/dnprogs-2.65/mail/uulib/fptools.c:511:22: [3] (tmpfile) tmpnam: Temporary file race condition (CWE-377). return _FP_strdup (tmpnam (NULL)); data/dnprogs-2.65/mail/uulib/uunconc.c:1159:24: [3] (tmpfile) tempnam: Temporary file race condition (CWE-377). if ((data->binfile = tempnam (NULL, "uu")) == NULL) { data/dnprogs-2.65/mail/uulib/uunconc.c:1321:17: [3] (tmpfile) tempnam: Temporary file race condition (CWE-377). if ((ntmp = tempnam (NULL, "uu")) == NULL) { data/dnprogs-2.65/mail/vmsmaild.c:77:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVdhu:Ufl:")) != EOF) data/dnprogs-2.65/multinet/multinet.c:601:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"vp:12m:P:t:H:D?h")) != EOF) data/dnprogs-2.65/nml/main.c:63:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vVdh")) != EOF) data/dnprogs-2.65/phone/backend.c:67:49: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf(local_name, "%s::%s", dnet_htoa(addr), getenv("LOGNAME")); data/dnprogs-2.65/phone/main.c:44:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((opt=getopt(argc,argv,"?Vhns:")) != EOF) data/dnprogs-2.65/phone/phoned.c:90:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt=getopt(argc,argv,"?vu:Vhd")) != EOF) data/dnprogs-2.65/apps/copynodes.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[BUFLEN]; data/dnprogs-2.65/apps/copynodes.c:39:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char reply[BUFLEN]; data/dnprogs-2.65/apps/copynodes.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2); data/dnprogs-2.65/apps/copynodes.c:150:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node, reply+7, namelen); data/dnprogs-2.65/apps/cterm.h:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char terminal_type[6]; data/dnprogs-2.65/apps/ctermd.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/dnprogs-2.65/apps/ctermd.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cterm_unbind_msg[3] = {0x02,0x03,0x00}; data/dnprogs-2.65/apps/ctermd.c:137:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entry.ut_line,p,strlen(p)); data/dnprogs-2.65/apps/ctermd.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4000]; data/dnprogs-2.65/apps/ctermd.c:202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lclbuf[1400]; data/dnprogs-2.65/apps/ctermd.c:207:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lclbuf[0],cterm_write_msg,9); data/dnprogs-2.65/apps/ctermd.c:213:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lclbuf[9],buf,strlen(buf)); data/dnprogs-2.65/apps/ctermd.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/dnprogs-2.65/apps/ctermd.c:321:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (pty=open(line,O_RDWR)) > 0) data/dnprogs-2.65/apps/ctermd.c:337:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (t=open(line,O_RDWR)) < 0) data/dnprogs-2.65/apps/dnmount.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[MAX_NODE+1],dirname[250], data/dnprogs-2.65/apps/dnmount.c:282:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[100]; data/dnprogs-2.65/apps/dnmount.c:283:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char confmsg[17] = { data/dnprogs-2.65/apps/dnmount.c:324:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vms_mount_point[250]; data/dnprogs-2.65/apps/dnmount.c:329:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(vms_mount_point,"::"); data/dnprogs-2.65/apps/dnmount.c:341:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (MFD = open (MOUNTED "~", O_RDWR | O_CREAT | O_EXCL, 0600)) < 0) data/dnprogs-2.65/apps/dnmount.c:396:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). data.uid=atoi(optarg); data/dnprogs-2.65/apps/dnmount.c:409:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). data.gid=atoi(optarg); data/dnprogs-2.65/apps/dnmount.c:429:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(vms_directory,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnmount.c:429:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. memcpy(vms_directory,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnmount.c:431:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mount_point,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnmount.c:431:42: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. memcpy(mount_point,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnmount.c:463:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_add.a_addr, dp->n_addr,2); data/dnprogs-2.65/apps/dnmount.c:464:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data.sockaddr,&sockaddr,sizeof(sockaddr)); data/dnprogs-2.65/apps/dnmount.c:465:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data.accessdata,&accessdata,sizeof(accessdata)); data/dnprogs-2.65/apps/dnping.c:98:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(accessdata->acc_user, user, MIN(strlen(user),DN_MAXACCL)); data/dnprogs-2.65/apps/dnping.c:116:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(accessdata->acc_pass, password, MIN(strlen(password),DN_MAXACCL)); data/dnprogs-2.65/apps/dnping.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodename[20], data/dnprogs-2.65/apps/dnping.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char username[DN_MAXACCL],password[DN_MAXACCL]; data/dnprogs-2.65/apps/dnping.c:203:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). npackets = atoi(optarg); data/dnprogs-2.65/apps/dnping.c:218:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). interval = atoi(optarg); data/dnprogs-2.65/apps/dnping.c:231:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  datalen = atoi(optarg) - MAX_DN_HDRSIZE;
data/dnprogs-2.65/apps/dnping.c:256:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timeout_sec = atoi(optarg);
data/dnprogs-2.65/apps/dnping.c:277:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  npackets=atoi(argv[argc-1]);
data/dnprogs-2.65/apps/dnping.c:351:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2);
data/dnprogs-2.65/apps/rmtermd.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(entry.ut_line,p,strlen(p));
data/dnprogs-2.65/apps/rmtermd.c:110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4000];
data/dnprogs-2.65/apps/rmtermd.c:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/dnprogs-2.65/apps/rmtermd.c:218:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (pty=open(line,O_RDWR)) > 0)
data/dnprogs-2.65/apps/rmtermd.c:234:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (t=open(line,O_RDWR)) < 0)
data/dnprogs-2.65/apps/sethost.c:51:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char char_attr[256];
data/dnprogs-2.65/apps/sethost.c:53:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char *nodename,inpbuf[132],buf[1600],
data/dnprogs-2.65/apps/sethost.c:67:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char term_tab[32];
data/dnprogs-2.65/apps/sethost.c:72:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char escbuf[32];
data/dnprogs-2.65/apps/sethost.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char escend [23] = {'A','B','C','D','M','P','Q','R','S',
data/dnprogs-2.65/apps/sethost.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readbuf[132];
data/dnprogs-2.65/apps/sethost.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clrchar[3] = {0x08,0x20,0x08};
data/dnprogs-2.65/apps/sethost.c:321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[7] = {0x09,0x00,0x03,0x00,0x04,0x00,0x00};
data/dnprogs-2.65/apps/sethost.c:396:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[6] = {0x09,0x00,0x02,0x00,0x0E,0x01};
data/dnprogs-2.65/apps/sethost.c:421:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rsts_bind[3] = {0x01,0x03,0x00};
data/dnprogs-2.65/apps/sethost.c:422:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rsts_ctrl[8] = {0x02,0x08,0x00,0x01,0x09,0x01,0x00,0x00};
data/dnprogs-2.65/apps/sethost.c:424:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rsxm_bind[3] = {0x01,0x03,0x00};
data/dnprogs-2.65/apps/sethost.c:425:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rsxm_ctrl[8] = {0x02,0x08,0x00,0x01,0x04,0x02,0x00,0x00};
data/dnprogs-2.65/apps/sethost.c:505:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char initsq[31]={0x09,0x00,27,0x00,0x01,0x00,0x01,0x04,0x00,
data/dnprogs-2.65/apps/sethost.c:551:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2);
data/dnprogs-2.65/apps/sethost.c:685:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((ttyfd=open("/dev/tty",O_RDWR)) < 0)
data/dnprogs-2.65/apps/sethost.c:692:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&raw,&cooked,sizeof(struct termio));
data/dnprogs-2.65/apps/sethost.c:718:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];
data/dnprogs-2.65/apps/sethost.c:766:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[84];
data/dnprogs-2.65/apps/sethost.c:807:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80];
data/dnprogs-2.65/apps/sethost.c:973:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[8] = {0x09,0x00,0x08,0x00,0x00,0x00,0x00,0x00};
data/dnprogs-2.65/apps/sethost.c:1056:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char outbuf[300];
data/dnprogs-2.65/apps/sethost.c:1224:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)p,log_char.terminal_type,6);
data/dnprogs-2.65/apps/sethost.c:1621:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char msg[8] = {0x09,0x00,0x04,0x00,0x0D,0x00,0x00,0x00};
data/dnprogs-2.65/apps/startnet.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devname[5];
data/dnprogs-2.65/apps/startnet.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exec_addr[6];
data/dnprogs-2.65/apps/startnet.c:48:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char dn_hiord_addr[6] = {0xAA,0x00,0x04,0x00,0x00,0x00};
data/dnprogs-2.65/apps/startnet.c:73:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&if_arg.devname,exec_dev,5);
data/dnprogs-2.65/apps/startnet.c:81:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&if_arg.exec_addr,dn_hiord_addr,6);
data/dnprogs-2.65/apps/startnet.c:92:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[256];
data/dnprogs-2.65/apps/startnet.c:216:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ifr->ifr_hwaddr.sa_data, if_arg.exec_addr, 6);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char node[16] = {0};
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:170:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  objnum = atoi(object+1);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:207:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char*)sockaddr.sdn_objname, "#%u", sockaddr.sdn_objnum);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[8];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char object[32];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:54:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int objnum = atoi(number);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:55:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char name[16];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:82:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, "::");
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char state[32], immed[32];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[1024] = {0}, * outdir = out+57;
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char conid[8] = {0,0,0,0,0,0,0,0}, *lid, *rid;
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:166:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outdir, "LOC", 3);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:176:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(conid, lid, 4);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:177:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(conid+4, rid, 4);
data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:218:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (fh = fopen(file, "r")) == NULL ) {
data/dnprogs-2.65/contrib/ph3-der-loewe/node.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr[2];
data/dnprogs-2.65/dapfs/dapfs.c:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char mountdir[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:60:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vername[strlen(path)+3];
data/dnprogs-2.65/dapfs/dapfs.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[strlen(path)+7];
data/dnprogs-2.65/dapfs/dapfs.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reply[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:206:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reply[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reply[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:308:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:309:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:331:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs.c:394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpbuf[RMS_BUF_SIZE];
data/dnprogs-2.65/dapfs/dapfs.c:569:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs.c:628:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debuglevel = atoi(option);
data/dnprogs-2.65/dapfs/dapfs.c:708:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(prefix, "::");
data/dnprogs-2.65/dapfs/dapfs_dap.cc:48:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[256] = {'\0'};
data/dnprogs-2.65/dapfs/dapfs_dap.cc:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[BUFLEN], filespec[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:124:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_objname, "DAPFS", 5);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:126:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2);
data/dnprogs-2.65/dapfs/dapfs_dap.cc:212:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[80];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:279:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wildname[strlen(path)+2];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[80];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:298:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant string.
  strcat(wildname, "/*.*");
data/dnprogs-2.65/dapfs/dapfs_dap.cc:318:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volname[256];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unixname[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:405:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unixname[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:421:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsname[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:422:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[80];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:471:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsfrom[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:472:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vmsto[VMSNAME_LEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:473:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:481:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(dirname, ".dir");
data/dnprogs-2.65/dapfs/dapfs_dap.cc:495:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char setprot[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:496:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char reply[BUFLEN];
data/dnprogs-2.65/dapfs/dapfs_dap.cc:507:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(vmsto, "DIR");

data/dnprogs-2.65/dapfs/dapfs_dap.cc:509:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(vmsto, ".DIR");

data/dnprogs-2.65/dapfs/dapfs_dap.cc:555:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[BUFLEN], filespec[VMSNAME_LEN];

data/dnprogs-2.65/dapfs/filenames.c:60:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[PATH_MAX];

data/dnprogs-2.65/dapfs/filenames.c:167:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volume[PATH_MAX];

data/dnprogs-2.65/dapfs/filenames.c:168:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dir[PATH_MAX];

data/dnprogs-2.65/dapfs/filenames.c:169:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[PATH_MAX];

data/dnprogs-2.65/dapfs/filenames.c:263:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[strlen(unixname)+1];

data/dnprogs-2.65/dapfs/kfifo.c:135:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fifo->buffer + (fifo->in & (fifo->size - 1)), buffer, l);

data/dnprogs-2.65/dapfs/kfifo.c:138:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fifo->buffer, buffer + l, len - l);

data/dnprogs-2.65/dapfs/kfifo.c:166:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, fifo->buffer + (fifo->out & (fifo->size - 1)), l);

data/dnprogs-2.65/dapfs/kfifo.c:169:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer + l, fifo->buffer, len - l);

data/dnprogs-2.65/dncopy/dncopy.cc:67:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char protection[255]={'\0'};

data/dnprogs-2.65/dncopy/dncopy.cc:204:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (in->open("r"))

data/dnprogs-2.65/dncopy/dncopy.cc:212:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char response[80];

data/dnprogs-2.65/dncopy/dncopy.cc:234:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (out->open(in->get_basename(keep_version), "w+"))

data/dnprogs-2.65/dncopy/dncopy.cc:246:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (out->open("w+"))

data/dnprogs-2.65/dncopy/dncopy.cc:479:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  connect_timeout = atoi(optarg);

data/dnprogs-2.65/dncopy/dncopy.cc:541:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  user_bufsize = atoi(optarg);

data/dnprogs-2.65/dncopy/dnetfile.cc:116:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int dnetfile::open(const char *filename, const char *mode)

data/dnprogs-2.65/dncopy/dnetfile.cc:121:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open(mode);

data/dnprogs-2.65/dncopy/dnetfile.cc:125:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int dnetfile::open(const char *mode)

data/dnprogs-2.65/dncopy/dnetfile.cc:368:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char pname[1024];

data/dnprogs-2.65/dncopy/dnetfile.cc:375:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (*password) strcat(pname, " password");

data/dnprogs-2.65/dncopy/dnetfile.cc:378:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(pname, "::");

data/dnprogs-2.65/dncopy/dnetfile.h:16:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *mode);

data/dnprogs-2.65/dncopy/dnetfile.h:17:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *basename, const char *mode);

data/dnprogs-2.65/dncopy/dnetfile.h:49:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstring[80];

data/dnprogs-2.65/dncopy/dnetfile.h:62:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[MAX_NAME+1]; // Full name as supplied by the user

data/dnprogs-2.65/dncopy/dnetfile.h:63:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[MAX_NODE+1];

data/dnprogs-2.65/dncopy/dnetfile.h:64:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[MAX_USER+1];

data/dnprogs-2.65/dncopy/dnetfile.h:65:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char password[MAX_PASSWORD+1];

data/dnprogs-2.65/dncopy/dnetfile.h:66:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_NAME+1];

data/dnprogs-2.65/dncopy/dnetfile.h:67:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char basename[MAX_BASENAME+1];

data/dnprogs-2.65/dncopy/dnetfile.h:73:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filname[80];

data/dnprogs-2.65/dncopy/dnetfile.h:74:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volname[80];

data/dnprogs-2.65/dncopy/dnetfile.h:75:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[80];

data/dnprogs-2.65/dncopy/dnetfile_dap.cc:118:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sentname[strlen(filname)+1];

data/dnprogs-2.65/dncopy/dnetfile_dap.cc:296:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rec, dm->get_dataptr(), len);

data/dnprogs-2.65/dncopy/file.h:21:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *mode) = 0;

data/dnprogs-2.65/dncopy/file.h:22:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *basename, const char *mode) = 0;

data/dnprogs-2.65/dncopy/unixfile.cc:31:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int unixfile::open(const char *mode)

data/dnprogs-2.65/dncopy/unixfile.cc:44:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  stream = fopen(filename, mode);

data/dnprogs-2.65/dncopy/unixfile.cc:57:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int unixfile::open(const char *basename, const char *mode)

data/dnprogs-2.65/dncopy/unixfile.cc:63:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  stream = fopen(printname, mode);

data/dnprogs-2.65/dncopy/unixfile.cc:202:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char realname[MAX_PATH];

data/dnprogs-2.65/dncopy/unixfile.cc:210:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char realname[MAX_PATH];

data/dnprogs-2.65/dncopy/unixfile.cc:211:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tmpname[MAX_PATH];

data/dnprogs-2.65/dncopy/unixfile.h:11:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *mode);

data/dnprogs-2.65/dncopy/unixfile.h:12:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  virtual int open(const char *basename, const char *mode);

data/dnprogs-2.65/dncopy/unixfile.h:30:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_PATH+1];

data/dnprogs-2.65/dncopy/unixfile.h:31:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printname[MAX_PATH+1];

data/dnprogs-2.65/dndel/dndel.cc:142:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char volume[256];

data/dnprogs-2.65/dndel/dndel.cc:143:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char dir[256];

data/dnprogs-2.65/dndel/dndel.cc:222:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];

data/dnprogs-2.65/dndel/dndel.cc:252:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  connect_timeout = atoi(optarg);

data/dnprogs-2.65/dndel/dndel.cc:316:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char response[255];

data/dnprogs-2.65/dndir/dndir.cc:94:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[80],cdt[25],owner[20],prot[22];

data/dnprogs-2.65/dndir/dndir.cc:220:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  term_width=atoi(optarg);

data/dnprogs-2.65/dndir/dndir.cc:224:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  connect_timeout=atoi(optarg);

data/dnprogs-2.65/dndir/dndir.cc:228:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  filename_width=atoi(optarg);

data/dnprogs-2.65/dndir/dndir.cc:252:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[256] = {'\0'};

data/dnprogs-2.65/dndir/dndir.cc:268:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(dirname, "*.*;*");

data/dnprogs-2.65/dndir/dndir.cc:295:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char volname[256];

data/dnprogs-2.65/dndir/dndir.cc:753:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prot[64];

data/dnprogs-2.65/dnetd/dnetd.c:56:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char binary_dir[PATH_MAX];

data/dnprogs-2.65/dnetd/dnetd.c:73:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[MAX_ARGS];

data/dnprogs-2.65/dnetd/dnetd.c:78:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[PATH_MAX];

data/dnprogs-2.65/dnetd/dnetd.c:90:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  err = open("/dev/null", O_RDWR);

data/dnprogs-2.65/dnetd/dnetd.c:134:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ibuf[4097];

data/dnprogs-2.65/dnetd/dnetd.c:171:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(binary_dir, "/sbin");

data/dnprogs-2.65/dnetd/task_server.c:52:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[200];

data/dnprogs-2.65/dnetd/task_server.c:53:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tryname[PATH_MAX];

data/dnprogs-2.65/dnetd/task_server.c:121:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tryname, "/usr/local/decnet/tasks/");

data/dnprogs-2.65/dnetd/task_server.c:147:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[2] = {name, NULL};

data/dnprogs-2.65/dnetd/task_server.c:148:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *env[2] = {NULL};

data/dnprogs-2.65/dnetd/task_server.c:171:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (pty=open(line,O_RDWR)) > 0)

data/dnprogs-2.65/dnetd/task_server.c:188:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (t=open(line,O_RDWR)) < 0)

data/dnprogs-2.65/dnetd/task_server.c:242:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];

data/dnprogs-2.65/dnlogin/cterm.c:64:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char terminal_type[6];

data/dnprogs-2.65/dnlogin/cterm.c:125:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char char_attr[256];

data/dnprogs-2.65/dnlogin/cterm.c:266:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[6];

data/dnprogs-2.65/dnlogin/cterm.c:367:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outbuf[256];

data/dnprogs-2.65/dnlogin/cterm.c:455:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&outbuf[outptr],log_char.terminal_type, 6);

data/dnprogs-2.65/dnlogin/cterm.c:671:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[4];

data/dnprogs-2.65/dnlogin/cterm.c:756:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[3];

data/dnprogs-2.65/dnlogin/cterm.c:788:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[len+9];

data/dnprogs-2.65/dnlogin/cterm.c:800:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(newbuf+8, buf, len);

data/dnprogs-2.65/dnlogin/cterm.c:807:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[2];

data/dnprogs-2.65/dnlogin/dnlogin.c:46:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[1024];

data/dnprogs-2.65/dnlogin/dnlogin.c:153:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  connect_timeout = atoi(optarg);

data/dnprogs-2.65/dnlogin/dnlogin.c:157:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debug = atoi(optarg);

data/dnprogs-2.65/dnlogin/found.c:169:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[1024];

data/dnprogs-2.65/dnlogin/found.c:293:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_add.a_addr, np->n_addr, 2);

data/dnprogs-2.65/dnlogin/tty.c:41:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char terminators[32];

data/dnprogs-2.65/dnlogin/tty.c:42:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char rahead_buf[128];

data/dnprogs-2.65/dnlogin/tty.c:44:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char input_buf[1024];

data/dnprogs-2.65/dnlogin/tty.c:47:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char prompt_buf[1024];

data/dnprogs-2.65/dnlogin/tty.c:50:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char esc_buf[132];
data/dnprogs-2.65/dnlogin/tty.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/dnprogs-2.65/dnlogin/tty.c:161:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, input_buf, input_len);
data/dnprogs-2.65/dnlogin/tty.c:330:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(terminators, buf, len);
data/dnprogs-2.65/dnlogin/tty.c:344:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(prompt_buf, prompt, promptlen);
data/dnprogs-2.65/dnlogin/tty.c:354:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(input_buf, prompt+promptlen, len-promptlen);
data/dnprogs-2.65/dnlogin/tty.c:401:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). termfd = open(name, O_RDWR);
data/dnprogs-2.65/dnlogin/tty.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[32];
data/dnprogs-2.65/dnlogin/tty.c:457:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "\r\033[%dC", hpos);
data/dnprogs-2.65/dnlogin/tty.c:580:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(input_buf+input_len, esc_buf, esc_len);
data/dnprogs-2.65/dnroute/dneigh.c:73:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hwa[20];
data/dnprogs-2.65/dnroute/dneigh.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/dnprogs-2.65/dnroute/dneigh.c:154:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/dnprogs-2.65/dnroute/dneigh.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char pid[8];
data/dnprogs-2.65/dnroute/dneigh.c:225:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fh = fopen(DNRP_FILE, "r")) != NULL ) {
data/dnprogs-2.65/dnroute/dneigh.c:228:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dnetinfo = atoi(pid);
data/dnprogs-2.65/dnroute/dneigh.c:248:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). } else fh = fopen(DNRS_FILE, "r");
data/dnprogs-2.65/dnroute/dneigh.c:260:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fh = fopen(file, "r")) == NULL ) {
data/dnprogs-2.65/dnroute/dnrtlink.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/dnrtlink.c:211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/dnrtlink.c:288:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(answer, h, h->nlmsg_len);
data/dnprogs-2.65/dnroute/dnrtlink.c:296:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(answer, h, h->nlmsg_len);
data/dnprogs-2.65/dnroute/dnrtlink.c:324:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/dnrtlink.c:396:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/get_neigh.c:75:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char cost[MAX_DEVICES];
data/dnprogs-2.65/dnroute/get_neigh.c:130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char line[255];
data/dnprogs-2.65/dnroute/get_neigh.c:132:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(SYSCONF_PREFIX "/etc/dnroute.conf", "r");
data/dnprogs-2.65/dnroute/get_neigh.c:152:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cost[ifindex] = atoi(space+1);
data/dnprogs-2.65/dnroute/get_neigh.c:159:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int level = atoi(space+1);
data/dnprogs-2.65/dnroute/get_neigh.c:177:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). routing_multicast_timer = atoi(space+1);
data/dnprogs-2.65/dnroute/get_neigh.c:183:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int area = atoi(space+1);
data/dnprogs-2.65/dnroute/get_neigh.c:203:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn_addr[2];
data/dnprogs-2.65/dnroute/get_neigh.c:345:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/dnprogs-2.65/dnroute/get_neigh.c:387:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024];
data/dnprogs-2.65/dnroute/get_neigh.c:393:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodename[32];
data/dnprogs-2.65/dnroute/get_neigh.c:781:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32];
data/dnprogs-2.65/dnroute/get_neigh.c:867:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char node[32];
data/dnprogs-2.65/dnroute/get_neigh.c:1034:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). routing_multicast_timer = atoi(optarg);
data/dnprogs-2.65/dnroute/get_neigh.c:1071:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). devnull = open("/dev/null", O_RDWR);
data/dnprogs-2.65/dnroute/get_neigh.c:1146:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[2048];
data/dnprogs-2.65/dnroute/hash.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[0];
data/dnprogs-2.65/dnroute/hash.c:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(n->key, str, len);
data/dnprogs-2.65/dnroute/netlink/include/utils.h:27:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
#define SPRINT_BUF(x) char x[SPRINT_BSIZE]
data/dnprogs-2.65/dnroute/netlink/include/utils.h:49:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_addr[DN_MAXADDL];
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:293:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(answer, h, h->nlmsg_len);
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:301:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(answer, h, h->nlmsg_len);
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:329:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[8192];
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:401:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[8192];
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:460:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(rta), &data, 4);
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:475:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(rta), data, alen);
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:490:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(subrta), &data, 4);
data/dnprogs-2.65/dnroute/netlink/libnetlink.c:505:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(RTA_DATA(subrta), data, alen);
data/dnprogs-2.65/dnroute/netlink/ll_map.c:32:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char addr[8];
data/dnprogs-2.65/dnroute/netlink/ll_map.c:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[16];
data/dnprogs-2.65/dnroute/netlink/ll_map.c:79:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(im->addr, RTA_DATA(tb[IFLA_ADDRESS]), alen);
data/dnprogs-2.65/dnroute/netlink/ll_map.c:104:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nbuf[16];
data/dnprogs-2.65/dnroute/netlink/ll_map.c:136:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ncache[16];
data/dnprogs-2.65/dnroute/pidfile.c:14:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20];
data/dnprogs-2.65/dnroute/pidfile.c:18:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd = open(pidFile, O_WRONLY | O_CREAT,
data/dnprogs-2.65/dnroute/routing_msg.c:43:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char buf[64];
data/dnprogs-2.65/dnroute/routing_msg.c:55:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "if%d", ifindex);
data/dnprogs-2.65/dnroute/routing_msg.c:65:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[64];
data/dnprogs-2.65/dnroute/routing_msg.c:134:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32];
data/dnprogs-2.65/dnroute/routing_msg.c:174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32];
data/dnprogs-2.65/dnroute/send_route.c:60:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char packet[1600];
data/dnprogs-2.65/dnsubmit/dnsubmit.cc:162:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
connect_timeout = atoi(optarg);
data/dnprogs-2.65/dnsubmit/dnsubmit.cc:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[256] = {'\0'};
data/dnprogs-2.65/dntask/dntask.c:32:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char node[20];
data/dnprogs-2.65/dntask/dntask.c:40:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char filename[128];
data/dnprogs-2.65/dntask/dntask.c:41:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char buf[32760];
data/dnprogs-2.65/dntask/dntask.c:187:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "TASK");
data/dnprogs-2.65/dntask/dntask.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(sockaddr.sdn_objname, filename, strlen(filename));
data/dnprogs-2.65/dntask/dntask.c:212:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2);
data/dnprogs-2.65/dntask/dntask.c:260:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(optarg);
data/dnprogs-2.65/dntask/dntask.c:264:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). connect_timeout = atoi(optarg);
data/dnprogs-2.65/fal/directory.cc:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filespec[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:98:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filespec, "[]*.*");
data/dnprogs-2.65/fal/directory.cc:152:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(filespec, "/*");
data/dnprogs-2.65/fal/directory.cc:173:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char last_path[PATH_MAX] = {'\0'};
data/dnprogs-2.65/fal/directory.cc:183:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_path[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:190:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filespec[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:257:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vmsname[PATH_MAX];
data/dnprogs-2.65/fal/directory.cc:294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char publicname[PATH_MAX];
data/dnprogs-2.65/fal/erase.cc:66:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unixname[PATH_MAX];
data/dnprogs-2.65/fal/fal.cc:207:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(LOCAL_AUTO_FILE, "r");
data/dnprogs-2.65/fal/fal.cc:210:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[132];
data/dnprogs-2.65/fal/open.cc:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume[PATH_MAX];
data/dnprogs-2.65/fal/open.cc:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory[PATH_MAX];
data/dnprogs-2.65/fal/open.cc:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filespec[PATH_MAX];
data/dnprogs-2.65/fal/open.cc:139:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stream = fopen(gl.gl_pathv[glob_entry], write_access?"r+":"r");
data/dnprogs-2.65/fal/open.cc:293:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stream = fopen(gl.gl_pathv[glob_entry], write_access?"w":"r");
data/dnprogs-2.65/fal/open.cc:582:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, record_lengths, sizeof(unsigned short)*current_record);
data/dnprogs-2.65/fal/open.cc:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[strlen(gl.gl_pathv[glob_entry])+strlen(PRINT_COMMAND)+2];
data/dnprogs-2.65/fal/open.cc:673:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unixname[PATH_MAX];
data/dnprogs-2.65/fal/open.cc:692:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(unixname, O_CREAT | O_RDWR, protect_msg->get_mode());
data/dnprogs-2.65/fal/open.cc:699:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(unixname, O_CREAT | O_RDWR, 0666 & ~mask);
data/dnprogs-2.65/fal/params.h:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char auto_file[PATH_MAX];
data/dnprogs-2.65/fal/params.h:10:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vroot[PATH_MAX];
data/dnprogs-2.65/fal/rename.cc:81:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char newname[PATH_MAX]; data/dnprogs-2.65/fal/rename.cc:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vmsname[PATH_MAX]; data/dnprogs-2.65/fal/rename.h:10:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[PATH_MAX]; data/dnprogs-2.65/fal/server.cc:310:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char num[32]; data/dnprogs-2.65/fal/server.cc:333:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(num, "UNKNOWN: %d", number); data/dnprogs-2.65/fal/submit.cc:71:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unixname[PATH_MAX]; data/dnprogs-2.65/fal/submit.cc:129:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd[PATH_MAX + strlen(SUBMIT_COMMAND)+1]; data/dnprogs-2.65/fal/task.cc:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unixname[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vmsname[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:235:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fullname, "DIR;1"); // last dot has already been added data/dnprogs-2.65/fal/task.cc:240:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fullname, ";1"); data/dnprogs-2.65/fal/task.cc:290:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(vmsname, ":["); data/dnprogs-2.65/fal/task.cc:303:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(vmsname, ":["); data/dnprogs-2.65/fal/task.cc:370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volume[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:371:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:372:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:475:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[strlen(unixname)+1]; data/dnprogs-2.65/fal/task.cc:598:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vmsname[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:674:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[132]; // Arbitrary amounts R us data/dnprogs-2.65/fal/task.cc:677:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). stream = fopen(name, "r"); data/dnprogs-2.65/fal/task.cc:777:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). auto_file_fd = open(params.auto_file, O_RDONLY); data/dnprogs-2.65/fal/task.cc:811:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extension[40]; data/dnprogs-2.65/fal/task.cc:837:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[40]; data/dnprogs-2.65/fal/task.cc:846:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). block_size = atoi(num); data/dnprogs-2.65/fal/task.cc:899:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(adfname, ".$ADF$"); data/dnprogs-2.65/fal/task.cc:902:32: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (!strchr(adfname, ';')) strcat(adfname, ";1"); data/dnprogs-2.65/fal/task.cc:955:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char metafile[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:962:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *mf = fopen(metafile, "r"); data/dnprogs-2.65/fal/task.cc:1033:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char metafile[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:1038:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *mf = fopen(metafile, "w+"); data/dnprogs-2.65/fal/task.cc:1087:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adfname[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:1094:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). adf = fopen(adfname, "r"); data/dnprogs-2.65/fal/task.cc:1136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_metafile[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:1137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_metafile[PATH_MAX]; data/dnprogs-2.65/fal/task.cc:1156:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char metafile[PATH_MAX]; data/dnprogs-2.65/fal/task.h:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ext[40]; data/dnprogs-2.65/fal/task.h:130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unknown1[6]; data/dnprogs-2.65/fal/task.h:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unknown2[4]; data/dnprogs-2.65/fal/task.h:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unknown3[10]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:75:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_addr[DN_MAXADDL]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:84:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char sdn_objname[DN_MAXOBJL]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:99:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char opt_data[16]; /* User data */ data/dnprogs-2.65/include/kernel/netdnet/dn.h:105:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_acc[DN_MAXACCL]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:107:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_pass[DN_MAXACCL]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:109:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_user[DN_MAXACCL]; data/dnprogs-2.65/include/kernel/netdnet/dn.h:124:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char dne_addr[6]; /* Full ethernet address */ data/dnprogs-2.65/include/kernel/netdnet/dn.h:126:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dne_hiord[4]; /* DECnet HIORD prefix */ data/dnprogs-2.65/include/kernel/netdnet/dn.h:127:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dne_nodeaddr[2]; /* DECnet node address */ data/dnprogs-2.65/include/netdnet/dn.h:75:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_addr[DN_MAXADDL]; data/dnprogs-2.65/include/netdnet/dn.h:84:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sdn_objname[DN_MAXOBJL]; data/dnprogs-2.65/include/netdnet/dn.h:99:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char opt_data[16]; /* User data */ data/dnprogs-2.65/include/netdnet/dn.h:105:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_acc[DN_MAXACCL]; data/dnprogs-2.65/include/netdnet/dn.h:107:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_pass[DN_MAXACCL]; data/dnprogs-2.65/include/netdnet/dn.h:109:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char acc_user[DN_MAXACCL]; data/dnprogs-2.65/include/netdnet/dn.h:124:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dne_addr[6]; /* Full ethernet address */ data/dnprogs-2.65/include/netdnet/dn.h:126:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char dne_hiord[4]; /* DECnet HIORD prefix */ data/dnprogs-2.65/include/netdnet/dn.h:127:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dne_nodeaddr[2]; /* DECnet node address */ data/dnprogs-2.65/include/netdnet/dnetdb.h:19:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n_reserved[16]; /* reserved */ data/dnprogs-2.65/libdaemon/dnet_daemon.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[NODE_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:65:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remuser[USERNAME_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:66:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char localuser[USERNAME_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:77:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[USERNAME_LENGTH]; // Object name data/dnprogs-2.65/libdaemon/dnet_daemon.c:80:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[USERNAME_LENGTH]; // User to use if proxies not used data/dnprogs-2.65/libdaemon/dnet_daemon.c:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char daemon[PATH_MAX]; // Name of daemon data/dnprogs-2.65/libdaemon/dnet_daemon.c:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char errstring[1024]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[4096]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:138:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(proxy_filename, "r"); data/dnprogs-2.65/libdaemon/dnet_daemon.c:369:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char username[USERNAME_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char password[USERNAME_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:371:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_user[USERNAME_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:372:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodename[NODE_LENGTH]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:433:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(username, accessdata.acc_user, accessdata.acc_userl); data/dnprogs-2.65/libdaemon/dnet_daemon.c:436:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(password, accessdata.acc_pass, accessdata.acc_passl); data/dnprogs-2.65/libdaemon/dnet_daemon.c:439:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(remote_user, sockaddr.sdn_objname, dn_ntohs(sockaddr.sdn_objnamel)); data/dnprogs-2.65/libdaemon/dnet_daemon.c:442:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(remote_user, accessdata.acc_acc, accessdata.acc_accl); data/dnprogs-2.65/libdaemon/dnet_daemon.c:634:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:638:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(dnetd_filename, "r"); data/dnprogs-2.65/libdaemon/dnet_daemon.c:650:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmpbuf[1024]; data/dnprogs-2.65/libdaemon/dnet_daemon.c:696:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newobj->number = atoi(tmpbuf); data/dnprogs-2.65/libdaemon/dnet_daemon.c:1057:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (len && data) memcpy(optdata.opt_data, data, len); data/dnprogs-2.65/libdaemon/dnet_daemon.c:1075:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (data && len) memcpy(optdata.opt_data, data, len); data/dnprogs-2.65/libdaemon/dnet_daemon.c:1098:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (len && data) memcpy(optdata.opt_data, data, len); data/dnprogs-2.65/libdaemon/dnet_priv_check.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[LINELEN]; data/dnprogs-2.65/libdaemon/dnet_priv_check.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nodeaddr[12]; data/dnprogs-2.65/libdaemon/dnet_priv_check.c:48:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fh = fopen(file, "r")) == NULL ) data/dnprogs-2.65/libdaemon/dnet_priv_check.c:86:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( atoi(c) == local->sdn_objnum ) data/dnprogs-2.65/libdaemon/dnetlog.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[4096]; data/dnprogs-2.65/libdaemon/dnetlog.c:71:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!fd) fd = open("/dev/mono", O_WRONLY); data/dnprogs-2.65/libdaemon/dnetlog.c:72:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!fd) fd = open("/dev/tty13", O_WRONLY); data/dnprogs-2.65/libdaemon/dnetlog.c:75:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(outbuf, "[%d] ", getpid()); data/dnprogs-2.65/libdap/connection.cc:163:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errstring, "connect: object name too long"); data/dnprogs-2.65/libdap/connection.cc:167:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_objname, object, strlen(object)); data/dnprogs-2.65/libdap/connection.cc:194:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[MAX_NODE+1]; data/dnprogs-2.65/libdap/connection.cc:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[MAX_NODE+1]; data/dnprogs-2.65/libdap/connection.cc:225:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errstring, "connect: object name too long"); data/dnprogs-2.65/libdap/connection.cc:229:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(sockaddr.sdn_objname, object, strlen(object)); data/dnprogs-2.65/libdap/connection.cc:250:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errstring, "Unknown node name"); data/dnprogs-2.65/libdap/connection.cc:262:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(errstring, "Password input cancelled"); data/dnprogs-2.65/libdap/connection.cc:269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(accessdata.acc_user, user, strlen(user)); data/dnprogs-2.65/libdap/connection.cc:270:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(accessdata.acc_pass, password, strlen(password)); data/dnprogs-2.65/libdap/connection.cc:405:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&outbuf[last_msg_start+2], &len, sizeof(unsigned short)); data/dnprogs-2.65/libdap/connection.cc:518:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&outbuf[outbufptr], bytes, num); data/dnprogs-2.65/libdap/connection.cc:662:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(errstring, "bind: object name too long"); data/dnprogs-2.65/libdap/connection.cc:666:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bind_sockaddr.sdn_objname, object, strlen(object)); data/dnprogs-2.65/libdap/connection.cc:932:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crcbuf[2] = {crc&0xff, crc>>8}; data/dnprogs-2.65/libdap/connection.h:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstring[256]; data/dnprogs-2.65/libdap/logging.cc:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[4096]; data/dnprogs-2.65/libdap/logging.cc:71:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!fd) fd = open("/dev/mono", O_WRONLY); data/dnprogs-2.65/libdap/logging.cc:72:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). if (!fd) fd = open("/dev/tty13", O_WRONLY); data/dnprogs-2.65/libdap/logging.cc:75:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(outbuf, "[%d] ", getpid()); data/dnprogs-2.65/libdap/protocol.cc:54:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, b, length); data/dnprogs-2.65/libdap/protocol.cc:128:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)value, newval, len); data/dnprogs-2.65/libdap/protocol.cc:228:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, b, real_length); data/dnprogs-2.65/libdap/protocol.cc:291:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)value, newval, len); data/dnprogs-2.65/libdap/protocol.cc:521:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/dnprogs-2.65/libdap/protocol.cc:558:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "UNKNOWN (%d)", msg_type); data/dnprogs-2.65/libdap/protocol.cc:1244:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(d, data, length); data/dnprogs-2.65/libdap/protocol.cc:1251:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, d, len); data/dnprogs-2.65/libdap/protocol.cc:2033:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char d[25]; data/dnprogs-2.65/libdap/protocol.cc:2050:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char month[5]; data/dnprogs-2.65/libdap/protocol.cc:2081:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char y2kdate[25]; data/dnprogs-2.65/libdap/protocol.cc:2110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yearstr[5]; data/dnprogs-2.65/libdap/protocol.cc:2111:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(yearstr, "%04d", year); data/dnprogs-2.65/libdap/protocol.cc:2223:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char protstring[60]; data/dnprogs-2.65/libdap/protocol.cc:2282:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ownuid[32]; data/dnprogs-2.65/libdap/protocol.cc:2290:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ownuid[32]; data/dnprogs-2.65/libdap/protocol.cc:2291:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ownuid, "[%o,%o]", g,o); data/dnprogs-2.65/libdnet/dnet_addr.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/dnet_addr.c:36:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nodeln[80]; data/dnprogs-2.65/libdnet/dnet_addr.c:42:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/dnet_conn.c:123:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf((char*)sdn->sdn_objname, "%d", uid); data/dnprogs-2.65/libdnet/dnet_conn.c:134:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sdn->sdn_objnum = atoi(name + 1); data/dnprogs-2.65/libdnet/dnet_conn.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hname[DN_MAXNODEL + 1]; data/dnprogs-2.65/libdnet/dnet_conn.c:198:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(saddr.sdn_nodeaddr, ne->n_addr, 2); data/dnprogs-2.65/libdnet/dnet_conn.c:223:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&sa_bind.sdn_add, dna, sizeof(*dna)); data/dnprogs-2.65/libdnet/dnet_getnode.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/dnet_getnode.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char asc_addr[6]; data/dnprogs-2.65/libdnet/dnet_getnode.c:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32]; data/dnprogs-2.65/libdnet/dnet_getnode.c:42:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((gs->fp = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/dnet_getnode.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/dnprogs-2.65/libdnet/dnet_htoa.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/dnet_htoa.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char asc_addr[6]; data/dnprogs-2.65/libdnet/dnet_htoa.c:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeln[80]; data/dnprogs-2.65/libdnet/dnet_htoa.c:35:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(asc_addr,"%d.%d",(addr->a_addr[1] >> 2), data/dnprogs-2.65/libdnet/dnet_htoa.c:38:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/dnet_ntoa.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char asc_addr[6]; data/dnprogs-2.65/libdnet/dnet_ntoa.c:31:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(asc_addr,"%d.%d",(addr->a_addr[1] >> 2), data/dnprogs-2.65/libdnet/dnet_ntop.c:56:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&addr1, dna->a_addr, sizeof(u_int16_t)); data/dnprogs-2.65/libdnet/dnet_pton.c:63:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dna->a_addr, &addr, sizeof (u_int16_t)); data/dnprogs-2.65/libdnet/getexecdev.c:28:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/getexecdev.c:29:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linetag[80],devicename[80]; data/dnprogs-2.65/libdnet/getexecdev.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeln[80]; data/dnprogs-2.65/libdnet/getexecdev.c:36:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/getnodeadd.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/getnodeadd.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeln[80]; data/dnprogs-2.65/libdnet/getnodeadd.c:37:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/getnodeadd.c:60:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ldnaddr,naddr,sizeof(struct dn_naddr)); data/dnprogs-2.65/libdnet/getnodebyaddr.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/getnodebyaddr.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char asc_addr[6]; data/dnprogs-2.65/libdnet/getnodebyaddr.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char laddr[2]; data/dnprogs-2.65/libdnet/getnodebyaddr.c:46:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)laddr, (void*)inaddr, 2); data/dnprogs-2.65/libdnet/getnodebyaddr.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)&ea.ether_addr_octet[4], (void*)laddr, 2); data/dnprogs-2.65/libdnet/getnodebyaddr.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeln[80]; data/dnprogs-2.65/libdnet/getnodebyaddr.c:74:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (asc_addr,"%d.%d",((unsigned char)*(addr+1) >> 2), data/dnprogs-2.65/libdnet/getnodebyaddr.c:78:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/getnodebyaddr.c:99:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(laddr,addr,len); data/dnprogs-2.65/libdnet/getnodebyname.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/getnodebyname.c:45:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char search[3][32] = {{0}, {0}, {0}}; data/dnprogs-2.65/libdnet/getnodebyname.c:55:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (conf = fopen(RESOLV_CONF, "r")) != NULL ) { data/dnprogs-2.65/libdnet/getnodebyname.c:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char nodeln[80]; data/dnprogs-2.65/libdnet/getnodebyname.c:112:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/getnodename.c:28:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodetag[80],nametag[80],nodeadr[80],nodename[80]; data/dnprogs-2.65/libdnet/getnodename.c:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeln[80]; data/dnprogs-2.65/libdnet/getnodename.c:35:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((dnhosts = fopen(SYSCONF_PREFIX "/etc/decnet.conf","r")) == NULL) data/dnprogs-2.65/libdnet/getobjectbyX.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proto[16]; data/dnprogs-2.65/libdnet/getobjectbyX.c:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proto[16]; data/dnprogs-2.65/libdnet/getobjectbyX.c:211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024], cname[16], rest[1024]; data/dnprogs-2.65/libdnet/getobjectbyX.c:215:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (dnd = fopen(DNETD_FILE, "r")) == NULL ) { data/dnprogs-2.65/libdnet/getobjectbyX.c:239:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cname[16]; // this is not thread safe data/dnprogs-2.65/libdnet/getobjectbyX.c:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024], rest[1024]; data/dnprogs-2.65/libdnet/getobjectbyX.c:244:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ( (dnd = fopen(DNETD_FILE, "r")) == NULL ) { data/dnprogs-2.65/libdnet/setnodename.c:33:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* procfile = fopen("/proc/sys/net/decnet/nodename", "w"); data/dnprogs-2.65/librms/example.c:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[10240]; data/dnprogs-2.65/librms/example.c:45:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b+8, "????", 4); data/dnprogs-2.65/librms/open.cc:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256]; data/dnprogs-2.65/librms/open.cc:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[256]; data/dnprogs-2.65/librms/open.cc:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char node[256]; data/dnprogs-2.65/librms/open.cc:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char password[256]; data/dnprogs-2.65/librms/open.cc:63:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). verbose = atoi(getenv("LIBRMS_VERBOSE")); data/dnprogs-2.65/librms/parse.cc:174:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", intval); data/dnprogs-2.65/librms/parse.cc:181:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(value, charval, len); data/dnprogs-2.65/librms/parse.cc:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[4]; // All option names are 3 letters data/dnprogs-2.65/librms/parse.cc:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char value[256]; // All values are shorter than 256 bytes
data/dnprogs-2.65/librms/parse.cc:256:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rc->key, string, rab->rab$b_ksz);
data/dnprogs-2.65/librms/parse.cc:281:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(char *)ptr = atoi(string);
data/dnprogs-2.65/librms/parse.cc:284:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(short *)ptr = atoi(string);
data/dnprogs-2.65/librms/parse.cc:287:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(int *)ptr = atoi(string);
data/dnprogs-2.65/librms/readwrite.cc:70:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, rc->record, rc->dlen);
data/dnprogs-2.65/librms/readwrite.cc:146:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char err[1024];
data/dnprogs-2.65/librms/rmsp.h:34:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[256];
data/dnprogs-2.65/librms/t_example.c:21:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b[10240];
data/dnprogs-2.65/librms/t_example.c:22:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[256];
data/dnprogs-2.65/librms/t_example.c:28:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(key, "\0\0\0CHRISSIE\0", keylen);
data/dnprogs-2.65/librms/t_example.c:41:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(b+8, "PATWHO?", 7);
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:389:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:500:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:609:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:745:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:998:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:1101:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:1233:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:1364:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { unsigned char c[4]; unsigned int l; } vaxpart;
data/dnprogs-2.65/libvaxdata/src/is_little_endian.c:58:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bytes[sizeof( unsigned int)];
data/dnprogs-2.65/libvaxdata/src/test.c:289:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( vax_copy, vax_d8, sizeof( vax_d8 ) );
data/dnprogs-2.65/mail/configfile.c:19:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_hostname[1024];
data/dnprogs-2.65/mail/configfile.c:20:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_vmsmailuser[1024];
data/dnprogs-2.65/mail/configfile.c:21:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_smtphost[1024];
data/dnprogs-2.65/mail/configfile.c:31:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cfgline[1024];
data/dnprogs-2.65/mail/configfile.c:34:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(config_vmsmailuser, "vmsmail");
data/dnprogs-2.65/mail/configfile.c:38:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  cf = fopen(SYSCONF_PREFIX "/etc/vmsmail.conf", "r");
data/dnprogs-2.65/mail/configfile.h:8:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char config_hostname[1024];
data/dnprogs-2.65/mail/configfile.h:9:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char config_vmsmailuser[1024];
data/dnprogs-2.65/mail/configfile.h:10:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char config_smtphost[1024];
data/dnprogs-2.65/mail/receive.c:82:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char response[1024];
data/dnprogs-2.65/mail/receive.c:113:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remote_user[256]; // VMS only sends 12 but...just in case!
data/dnprogs-2.65/mail/receive.c:114:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char local_user[256];
data/dnprogs-2.65/mail/receive.c:115:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addressees[65536];
data/dnprogs-2.65/mail/receive.c:116:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc_addressees[65536];
data/dnprogs-2.65/mail/receive.c:117:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char full_user[256];
data/dnprogs-2.65/mail/receive.c:118:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subject[256];
data/dnprogs-2.65/mail/receive.c:119:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char remote_hostname[256];
data/dnprogs-2.65/mail/receive.c:153:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(remote_hostname, "%d.%d",
data/dnprogs-2.65/mail/receive.c:237:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { char bcc[255];
data/dnprogs-2.65/mail/receive.c:393:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[65536];
data/dnprogs-2.65/mail/receive.c:441:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codestring[5];
data/dnprogs-2.65/mail/receive.c:451:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  status = atoi(codestring);
data/dnprogs-2.65/mail/receive.c:466:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newbuf[len];
data/dnprogs-2.65/mail/receive.c:555:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[65535];
data/dnprogs-2.65/mail/receive.c:587:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempname[PATH_MAX];
data/dnprogs-2.65/mail/receive.c:590:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tempname, "/tmp/vmsmailXXXXXX");
data/dnprogs-2.65/mail/receive.c:591:13: [2] (tmpfile) mkstemp:
  Potential for temporary file vulnerability in some circumstances.
  Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this.
  Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  tempfile = mkstemp(tempname);
data/dnprogs-2.65/mail/sendvmsmail.c:72:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/dnprogs-2.65/mail/sendvmsmail.c:92:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_line[1024];
data/dnprogs-2.65/mail/sendvmsmail.c:200:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(*subject, "No subject");
data/dnprogs-2.65/mail/sendvmsmail.c:223:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/dnprogs-2.65/mail/sendvmsmail.c:304:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2);
data/dnprogs-2.65/mail/sendvmsmail.c:321:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char node[7];
data/dnprogs-2.65/mail/sendvmsmail.c:322:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char recvbuf[256];
data/dnprogs-2.65/mail/sendvmsmail.c:334:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/dnprogs-2.65/mail/uulib/fptools.c:136:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (result, ptr, len);
data/dnprogs-2.65/mail/uulib/fptools.c:497:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char number[8];
data/dnprogs-2.65/mail/uulib/fptools.c:499:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (number, "%03d", errcode);
data/dnprogs-2.65/mail/uulib/uucheck.c:356:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (result, ptr, length);
data/dnprogs-2.65/mail/uulib/uucheck.c:684:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi (iter);
data/dnprogs-2.65/mail/uulib/uucheck.c:694:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *where, *whend, temp[80], *ptr, *p2;
data/dnprogs-2.65/mail/uulib/uucheck.c:1400:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (liter->haveparts, haveparts, havecount*sizeof(int));
data/dnprogs-2.65/mail/uulib/uucheck.c:1407:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (liter->misparts, misparts, miscount*sizeof(int));
data/dnprogs-2.65/mail/uulib/uudeview.h:164:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char curfile[256]; /* the file we are working on, incl. path */
data/dnprogs-2.65/mail/uulib/uuencode.c:123:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char UUEncodeTable[64] = {
data/dnprogs-2.65/mail/uulib/uuencode.c:135:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char B64EncodeTable[64] = {
data/dnprogs-2.65/mail/uulib/uuencode.c:146:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char XXEncodeTable[64] = {
data/dnprogs-2.65/mail/uulib/uuencode.c:157:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char BHEncodeTable[64] = {
data/dnprogs-2.65/mail/uulib/uuencode.c:216:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char *etables[5] = {
data/dnprogs-2.65/mail/uulib/uuencode.c:388:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((theifile = fopen (infname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuencode.c:520:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((theifile = fopen (infname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuencode.c:700:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((theifile = fopen (infname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuencode.c:855:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((theifile = fopen (infname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuencode.c:903:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (optr, "%03d", part);
data/dnprogs-2.65/mail/uulib/uuencode.c:940:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfile = fopen (oname, "w")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuencode.c:1085:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char mimeid[64];
data/dnprogs-2.65/mail/uulib/uuencode.c:1113:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((theifile = fopen (infname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uulib.c:155:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uulibversion[256] = VERSION "pl" PATCH;
data/dnprogs-2.65/mail/uulib/uulib.c:464:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (cvalue, &progress, sizeof (uuprogress));
data/dnprogs-2.65/mail/uulib/uulib.c:649:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((datei = fopen (filename, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uulib.c:863:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((source = fopen (thefile->binfile, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uulib.c:934:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fildes = open (uugen_fnbuffer,
data/dnprogs-2.65/mail/uulib/uulib.c:1035:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((inpfile = fopen (uugen_fnbuffer, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uulib.c:1045:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((inpfile = fopen (thefile->thisfile->data->sfname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uunconc.c:102:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *save[3];
data/dnprogs-2.65/mail/uulib/uunconc.c:1137:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char r[8];
data/dnprogs-2.65/mail/uulib/uunconc.c:1165:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((dataout = fopen (data->binfile, mode)) == NULL) {
data/dnprogs-2.65/mail/uulib/uunconc.c:1249:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((datain = fopen (uugen_fnbuffer, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uunconc.c:1260:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((datain = fopen (iter->data->sfname, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uunconc.c:1327:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((datain = fopen (data->binfile, "rb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uunconc.c:1335:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((dataout = fopen (ntmp, "wb")) == NULL) {
data/dnprogs-2.65/mail/uulib/uuscan.c:398:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  theheaders->partno = atoi (thenew);
data/dnprogs-2.65/mail/uulib/uuscan.c:403:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  theheaders->numparts = atoi (thenew);
data/dnprogs-2.65/mail/uulib/uuscan.c:688:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result->partno = atoi (line + 8);
data/dnprogs-2.65/mail/uulib/uuscan.c:742:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result->partno = atoi (ptr);
data/dnprogs-2.65/mail/uulib/uuscan.c:746:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  result->maxpno = atoi (ptr);
data/dnprogs-2.65/mail/uulib/uuscan.c:875:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (bhds1, bhds2+1, (int) bhds2[0]);
data/dnprogs-2.65/mail/uulib/uuscan.c:881:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (bhds1, bhds2+1, 255);
data/dnprogs-2.65/mail/uulib/uuscan.c:1419:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:1492:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:1607:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&sstate, &(multistack[mssdepth]), sizeof (scanstate));
data/dnprogs-2.65/mail/uulib/uuscan.c:1662:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:1797:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&multistack[mssdepth], &sstate, sizeof (scanstate));
data/dnprogs-2.65/mail/uulib/uuscan.c:1798:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&sstate.envelope, &localenv, sizeof (headers));
data/dnprogs-2.65/mail/uulib/uuscan.c:1957:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:2116:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:2383:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:2547:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uuscan.c:2697:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (line, "%04d.txt", ++mimseqno);
data/dnprogs-2.65/mail/uulib/uustring.c:131:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *codenames[7] = {
data/dnprogs-2.65/mail/uulib/uustring.c:139:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *msgnames[6] = {
data/dnprogs-2.65/multinet/multinet.c:58:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char remote_decnet_addr[2];
data/dnprogs-2.65/multinet/multinet.c:68:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char old_default[1024];
data/dnprogs-2.65/multinet/multinet.c:95:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&remote_addr, ainfo->ai_addr, sizeof(struct sockaddr_in));
data/dnprogs-2.65/multinet/multinet.c:152:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char header[38];
data/dnprogs-2.65/multinet/multinet.c:234:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char header[4];
data/dnprogs-2.65/multinet/multinet.c:317:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[1600];
data/dnprogs-2.65/multinet/multinet.c:415:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[1600];
data/dnprogs-2.65/multinet/multinet.c:470:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[132];
data/dnprogs-2.65/multinet/multinet.c:473:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tunfd = open("/dev/net/tun", O_RDWR);
data/dnprogs-2.65/multinet/multinet.c:481:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(ifr.ifr_name, "tap%d");
data/dnprogs-2.65/multinet/multinet.c:503:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  procfile = fopen(cmd, "w");
data/dnprogs-2.65/multinet/multinet.c:515:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
procfile = fopen(cmd, "w"); data/dnprogs-2.65/multinet/multinet.c:527:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). procfile = fopen(cmd, "w"); data/dnprogs-2.65/multinet/multinet.c:540:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). procfile = fopen("/proc/sys/net/decnet/default_device", "w+"); data/dnprogs-2.65/multinet/multinet.c:562:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). procfile = fopen("/proc/sys/net/decnet/default_device", "w+"); data/dnprogs-2.65/multinet/multinet.c:617:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). router_priority = atoi(optarg); data/dnprogs-2.65/multinet/multinet.c:625:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(optarg); data/dnprogs-2.65/multinet/multinet.c:633:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hello_timer = atoi(optarg); data/dnprogs-2.65/multinet/multinet.c:637:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ip_timeout = atoi(optarg); data/dnprogs-2.65/multinet/multinet.c:641:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mtu = atoi(optarg); data/dnprogs-2.65/nml/nml.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[USERNAME_LENGTH]; // Object name data/dnprogs-2.65/nml/nml.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[USERNAME_LENGTH]; // User to use if proxies not used data/dnprogs-2.65/nml/nml.c:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char daemon[PATH_MAX]; // Name of daemon data/dnprogs-2.65/nml/nml.c:114:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[64]; data/dnprogs-2.65/nml/nml.c:126:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "if%d", ifindex); data/dnprogs-2.65/nml/nml.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/nml/nml.c:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var1[32]; data/dnprogs-2.65/nml/nml.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var2[32]; data/dnprogs-2.65/nml/nml.c:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var3[32]; data/dnprogs-2.65/nml/nml.c:141:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var4[32]; data/dnprogs-2.65/nml/nml.c:142:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var5[32]; data/dnprogs-2.65/nml/nml.c:143:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var6[32]; data/dnprogs-2.65/nml/nml.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var7[32]; data/dnprogs-2.65/nml/nml.c:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var8[32]; data/dnprogs-2.65/nml/nml.c:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var9[32]; data/dnprogs-2.65/nml/nml.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var10[32]; data/dnprogs-2.65/nml/nml.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var11[32]; data/dnprogs-2.65/nml/nml.c:150:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *procfile = fopen(PROC_DECNET_DEV, "r"); data/dnprogs-2.65/nml/nml.c:191:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dnprogs-2.65/nml/nml.c:202:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf[ptr], n->n_name, strlen(n->n_name)); data/dnprogs-2.65/nml/nml.c:220:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char scratch_na[2]; data/dnprogs-2.65/nml/nml.c:286:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ident[256]; data/dnprogs-2.65/nml/nml.c:367:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tne_addr[2]; data/dnprogs-2.65/nml/nml.c:441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/nml/nml.c:442:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var1[32]; data/dnprogs-2.65/nml/nml.c:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var2[32]; data/dnprogs-2.65/nml/nml.c:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var3[32]; data/dnprogs-2.65/nml/nml.c:445:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var4[32]; data/dnprogs-2.65/nml/nml.c:446:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var5[32]; data/dnprogs-2.65/nml/nml.c:447:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var6[32]; data/dnprogs-2.65/nml/nml.c:448:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var7[32]; data/dnprogs-2.65/nml/nml.c:449:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var8[32]; data/dnprogs-2.65/nml/nml.c:450:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var9[32]; data/dnprogs-2.65/nml/nml.c:451:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var10[32]; data/dnprogs-2.65/nml/nml.c:452:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var11[32]; data/dnprogs-2.65/nml/nml.c:454:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *procfile = fopen(PROC_DECNET, "r"); data/dnprogs-2.65/nml/nml.c:499:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/dnprogs-2.65/nml/nml.c:503:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("/etc/dnetd.conf", "r"); data/dnprogs-2.65/nml/nml.c:515:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmpbuf[1024]; data/dnprogs-2.65/nml/nml.c:561:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newobj->number = atoi(tmpbuf); data/dnprogs-2.65/nml/nml.c:612:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/nml/nml.c:676:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inbuf[256]; data/dnprogs-2.65/nml/nml.c:677:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/nml/nml.c:678:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var1[32]; data/dnprogs-2.65/nml/nml.c:679:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var2[32]; data/dnprogs-2.65/nml/nml.c:680:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var3[32]; data/dnprogs-2.65/nml/nml.c:681:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var4[32]; data/dnprogs-2.65/nml/nml.c:682:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char luser[32]; data/dnprogs-2.65/nml/nml.c:683:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var6[32]; data/dnprogs-2.65/nml/nml.c:684:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var7[32]; data/dnprogs-2.65/nml/nml.c:685:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var8[32]; data/dnprogs-2.65/nml/nml.c:686:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var9[32]; data/dnprogs-2.65/nml/nml.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ruser[32]; data/dnprogs-2.65/nml/nml.c:688:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char state[32]; data/dnprogs-2.65/nml/nml.c:692:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *procfile = fopen(PROC_DECNET, "r"); data/dnprogs-2.65/nml/nml.c:710:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char scratch_na[2]; data/dnprogs-2.65/nml/nml.c:732:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
objnum = atoi(luser); data/dnprogs-2.65/nml/nml.c:736:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). objnum = atoi(ruser); data/dnprogs-2.65/nml/nml.c:760:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf[ptr], ruser, strlen(ruser)); data/dnprogs-2.65/nml/nml.c:767:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf[ptr], luser, strlen(luser)); data/dnprogs-2.65/nml/nml.c:780:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&buf[ptr], nent->n_name, strlen(nent->n_name)); data/dnprogs-2.65/nml/nml.c:842:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/nml/nml.c:852:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4096]; data/dnprogs-2.65/phone/backend.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dial_user[64]; data/dnprogs-2.65/phone/backend.c:55:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char local_name[64] = {'\0'}; data/dnprogs-2.65/phone/backend.c:82:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char local_name[16] = {'\0'}; data/dnprogs-2.65/phone/backend.c:233:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(filename, "r"); data/dnprogs-2.65/phone/backend.c:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dnprogs-2.65/phone/backend.c:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[128]; data/dnprogs-2.65/phone/backend.c:386:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/dnprogs-2.65/phone/backend.c:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgbuf[256]; data/dnprogs-2.65/phone/backend.c:421:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d[25]; data/dnprogs-2.65/phone/backend.c:422:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[132]; data/dnprogs-2.65/phone/backend.c:470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ptr, buf[2]; data/dnprogs-2.65/phone/backend.c:534:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/dnprogs-2.65/phone/backend.c:575:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048]; data/dnprogs-2.65/phone/backend.c:579:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf+strlen(buf)+1, text, len); data/dnprogs-2.65/phone/backend.c:589:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/dnprogs-2.65/phone/backend.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/dnprogs-2.65/phone/backend.c:635:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/dnprogs-2.65/phone/backend.c:652:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[128]; data/dnprogs-2.65/phone/backend.c:653:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msg[128]; data/dnprogs-2.65/phone/backend.c:654:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newuser[128]; data/dnprogs-2.65/phone/backend.c:655:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dnprogs-2.65/phone/backend.c:698:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2); data/dnprogs-2.65/phone/backend.c:778:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockname[32]; data/dnprogs-2.65/phone/backend.c:780:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inhead[2]; data/dnprogs-2.65/phone/backend.c:796:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char replybuf[1]; data/dnprogs-2.65/phone/backend.c:808:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dnprogs-2.65/phone/backend.c:851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/dnprogs-2.65/phone/backend.c:852:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dnprogs-2.65/phone/backend.c:882:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr.sdn_add.a_addr, np->n_addr,2); data/dnprogs-2.65/phone/gtkphonesig.c:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[2]; data/dnprogs-2.65/phone/gtkphonesig.c:247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd[256]; data/dnprogs-2.65/phone/gtkphonesig.c:267:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[256]; data/dnprogs-2.65/phone/gtkphonesig.c:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[PATH_MAX+5]; data/dnprogs-2.65/phone/phone_gtk.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/dnprogs-2.65/phone/phone_gtk.c:360:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[255]; data/dnprogs-2.65/phone/phone_ncurses.c:61:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char command[80]; data/dnprogs-2.65/phone/phone_ncurses.c:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[64]; data/dnprogs-2.65/phone/phone_ncurses.c:272:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_title[255]; data/dnprogs-2.65/phone/phone_ncurses.c:373:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[32]; data/dnprogs-2.65/phone/phone_server.c:65:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char local_name[16] = {'\0'}; data/dnprogs-2.65/phone/phone_server.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replybuf[1]; data/dnprogs-2.65/phone/phone_server.c:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replybuf[64]; data/dnprogs-2.65/phone/phone_server.c:145:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char devname[64]; data/dnprogs-2.65/phone/phone_server.c:146:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/dnprogs-2.65/phone/phone_server.c:148:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d[25]; data/dnprogs-2.65/phone/phone_server.c:172:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(devname, O_WRONLY|O_NONBLOCK); data/dnprogs-2.65/phone/phone_server.c:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2]; data/dnprogs-2.65/phone/phone_server.c:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replybuf[64]; data/dnprogs-2.65/phone/phone_server.c:276:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char message[256]; data/dnprogs-2.65/phone/phone_server.c:277:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proc_name[64]; data/dnprogs-2.65/phone/phone_server.c:278:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[64]; data/dnprogs-2.65/phone/phone_server.c:279:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[128]; data/dnprogs-2.65/phone/phone_server.c:285:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(proc_name, "/proc/%d/cmdline", realut->ut_pid); data/dnprogs-2.65/phone/phone_server.c:286:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). proc_fd = open(proc_name, O_RDONLY); data/dnprogs-2.65/phone/phone_server.c:332:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msghead[2]; data/dnprogs-2.65/phone/phone_server.c:429:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dnprogs-2.65/phone/phoned.h:7:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_user[64]; // node::user in CAPS data/dnprogs-2.65/phone/phoned.h:8:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char local_login[64]; // user in lower data/dnprogs-2.65/phone/phoned.h:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_user[32]; // remote node::user in CAPS data/dnprogs-2.65/apps/copynodes.c:71:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen((char *)accessdata.acc_acc); data/dnprogs-2.65/apps/copynodes.c:129:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). status = read(sockfd, reply, BUFLEN); data/dnprogs-2.65/apps/ctermd.c:95:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (read(net,buf,sizeof(buf)) < 0) data/dnprogs-2.65/apps/ctermd.c:112:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(net,buf,sizeof(buf)) < 0) data/dnprogs-2.65/apps/ctermd.c:137:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(entry.ut_line,p,strlen(p)); data/dnprogs-2.65/apps/ctermd.c:138:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entry.ut_line[strlen(p)]='\0'; data/dnprogs-2.65/apps/ctermd.c:167:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(pty,buf,numbytes); data/dnprogs-2.65/apps/ctermd.c:209:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = 5 + strlen(buf); data/dnprogs-2.65/apps/ctermd.c:213:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(&lclbuf[9],buf,strlen(buf)); data/dnprogs-2.65/apps/ctermd.c:214:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wrtlen=strlen(buf)+9; data/dnprogs-2.65/apps/ctermd.c:256:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cnt=read(pty,buf,sizeof(buf)-1); data/dnprogs-2.65/apps/ctermd.c:264:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
cnt=read(net,buf,sizeof(buf)); data/dnprogs-2.65/apps/ctermd.c:314:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/pty")] = c; data/dnprogs-2.65/apps/ctermd.c:315:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/ptyC")] = '0'; data/dnprogs-2.65/apps/ctermd.c:320:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/ptyC")]= "0123456789abcdef"[i]; data/dnprogs-2.65/apps/ctermd.c:336:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/")] = 't'; data/dnprogs-2.65/apps/dnmount.c:235:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen((char *)accessdata.acc_acc); data/dnprogs-2.65/apps/dnmount.c:244:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_userl = strlen(accessdata.acc_user); data/dnprogs-2.65/apps/dnmount.c:245:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_passl = strlen(accessdata.acc_pass); data/dnprogs-2.65/apps/dnmount.c:246:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
accessdata.acc_accl = strlen(accessdata.acc_acc); data/dnprogs-2.65/apps/dnmount.c:303:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((er=read(sockfd,buf,sizeof(buf))) < 0) data/dnprogs-2.65/apps/dnmount.c:429:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(vms_directory,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnmount.c:431:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(mount_point,argv[optind],strlen((char *)argv[optind])); data/dnprogs-2.65/apps/dnping.c:98:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(accessdata->acc_user, user, MIN(strlen(user),DN_MAXACCL)); data/dnprogs-2.65/apps/dnping.c:100:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata->acc_userl = strlen((char *)accessdata->acc_user); data/dnprogs-2.65/apps/dnping.c:108:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (password == NULL || strlen(password) > (unsigned int)DN_MAXACCL) data/dnprogs-2.65/apps/dnping.c:116:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memcpy(accessdata->acc_pass, password, MIN(strlen(password),DN_MAXACCL)); data/dnprogs-2.65/apps/dnping.c:118:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata->acc_passl = strlen((char *)accessdata->acc_pass); data/dnprogs-2.65/apps/dnping.c:145:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy((char *)accessdata->acc_acc, local_user, data/dnprogs-2.65/apps/dnping.c:146:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MIN(strlen(local_user),DN_MAXACCL)); data/dnprogs-2.65/apps/dnping.c:148:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata->acc_accl = strlen((char *)accessdata->acc_acc); data/dnprogs-2.65/apps/dnping.c:441:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). num = read(sockfd,ibuf,sizeof(ibuf)); data/dnprogs-2.65/apps/dnping.c:503:6: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(interval); data/dnprogs-2.65/apps/rmtermd.c:88:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memcpy(entry.ut_line,p,strlen(p)); data/dnprogs-2.65/apps/rmtermd.c:89:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entry.ut_line[strlen(p)]='\0'; data/dnprogs-2.65/apps/rmtermd.c:118:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(pty,buf,numbytes); data/dnprogs-2.65/apps/rmtermd.c:125:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(net,buf,strlen(buf)) < 0) data/dnprogs-2.65/apps/rmtermd.c:166:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cnt=read(pty,buf,sizeof(buf)-1); data/dnprogs-2.65/apps/rmtermd.c:180:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cnt=read(net,buf,sizeof(buf)); data/dnprogs-2.65/apps/rmtermd.c:211:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/pty")] = c; data/dnprogs-2.65/apps/rmtermd.c:212:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/ptyC")] = '0'; data/dnprogs-2.65/apps/rmtermd.c:217:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen("/dev/ptyC")]= "0123456789abcdef"[i]; data/dnprogs-2.65/apps/rmtermd.c:233:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen("/dev/")] = 't'; data/dnprogs-2.65/apps/sethost.c:532:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen((char *)accessdata.acc_acc); data/dnprogs-2.65/apps/sethost.c:538:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen(accessdata.acc_acc); data/dnprogs-2.65/apps/sethost.c:722:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cntx=read(ttyfd,&buf,80); data/dnprogs-2.65/apps/sethost.c:770:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cntx=read(ttyfd, &buf[4], 80); data/dnprogs-2.65/apps/sethost.c:811:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cntx=read(ttyfd, &buf, 80); data/dnprogs-2.65/apps/startnet.c:105:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). exec_dev, strlen(exec_dev)); data/dnprogs-2.65/apps/startnet.c:115:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). node->n_name, strlen(node->n_name)); data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:72:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ( (len = read(sock, buf, 1024)) == -1 ) data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:77:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ( (len = read(local_in, buf, 1024)) == -1 ) data/dnprogs-2.65/contrib/ph3-der-loewe/dnetcat.c:99:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(node, dp->n_name, 15); data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:73:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, "*"); data/dnprogs-2.65/contrib/ph3-der-loewe/dnetstat.c:85:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, "*"); data/dnprogs-2.65/dapfs/dapfs.c:140:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char vername[strlen(path)+3]; data/dnprogs-2.65/dapfs/dapfs.c:166:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char dirname[strlen(path)+7]; data/dnprogs-2.65/dapfs/dapfs.c:180:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (vmsname[strlen(vmsname)-1] == '.') data/dnprogs-2.65/dapfs/dapfs.c:181:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
vmsname[strlen(vmsname)-1] = '\0'; data/dnprogs-2.65/dapfs/dapfs.c:250:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(vmsname+2, vmsname, strlen(vmsname)+1); data/dnprogs-2.65/dapfs/dapfs.c:263:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (vmsname[strlen(vmsname)-1] == '.') data/dnprogs-2.65/dapfs/dapfs.c:264:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vmsname[strlen(vmsname)-1] = '\0'; data/dnprogs-2.65/dapfs/dapfs.c:265:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(vmsname, "]"); data/dnprogs-2.65/dapfs/dapfs.c:661:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(argv[i]) == 2) { data/dnprogs-2.65/dapfs/dapfs_dap.cc:100:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen((char *)accessdata.acc_acc); data/dnprogs-2.65/dapfs/dapfs_dap.cc:136:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (write(sockfd, command, strlen(command)) < (int)strlen(command)) data/dnprogs-2.65/dapfs/dapfs_dap.cc:136:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(sockfd, command, strlen(command)) < (int)strlen(command)) data/dnprogs-2.65/dapfs/dapfs_dap.cc:153:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). status = read(sockfd, reply, BUFLEN); data/dnprogs-2.65/dapfs/dapfs_dap.cc:279:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char wildname[strlen(path)+2]; data/dnprogs-2.65/dapfs/dapfs_dap.cc:292:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (path[strlen(path)-1] == '/') { data/dnprogs-2.65/dapfs/dapfs_dap.cc:334:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(unixname, ".dir") == unixname+strlen(unixname)-4) data/dnprogs-2.65/dapfs/dapfs_dap.cc:407:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strstr(unixname, ".dir") == unixname+strlen(unixname)-4) data/dnprogs-2.65/dapfs/dapfs_dap.cc:428:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (vmsname[strlen(vmsname)-1] == '.') data/dnprogs-2.65/dapfs/dapfs_dap.cc:429:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vmsname[strlen(vmsname)-1] = '\0'; data/dnprogs-2.65/dapfs/dapfs_dap.cc:506:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (vmsto[strlen(vmsto)-1] == '.') data/dnprogs-2.65/dapfs/filenames.c:68:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lastslash = fullname + strlen(fullname); data/dnprogs-2.65/dapfs/filenames.c:74:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fullname, "."); data/dnprogs-2.65/dapfs/filenames.c:79:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<(int)strlen(fullname); i++) data/dnprogs-2.65/dapfs/filenames.c:96:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<=(int)strlen(fullname); i++) data/dnprogs-2.65/dapfs/filenames.c:158:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  memmove(file, ptr, strlen(ptr)+1);
data/dnprogs-2.65/dapfs/filenames.c:180:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (file[strlen(file)-1] == '.')
data/dnprogs-2.65/dapfs/filenames.c:181:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  file[strlen(file)-1] = '\0';
data/dnprogs-2.65/dapfs/filenames.c:189:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (volume[strlen(volume)-1] == ':')
data/dnprogs-2.65/dapfs/filenames.c:190:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  volume[strlen(volume)-1] = '\0';
data/dnprogs-2.65/dapfs/filenames.c:196:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(unixname, "/");
data/dnprogs-2.65/dapfs/filenames.c:202:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(unixname, "/");
data/dnprogs-2.65/dapfs/filenames.c:206:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = strlen(unixname);
data/dnprogs-2.65/dapfs/filenames.c:209:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i< (int)strlen(dir); i++)
data/dnprogs-2.65/dapfs/filenames.c:249:35: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  if (strcmp(file, "*.*") == 0) strcpy(file, "*");
data/dnprogs-2.65/dapfs/filenames.c:261:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strstr(unixname, ".dir") == unixname+strlen(unixname)-4)
data/dnprogs-2.65/dapfs/filenames.c:263:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char dirname[strlen(unixname)+1];
data/dnprogs-2.65/dncopy/dncopy.cc:257:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( ((buflen = in->read(buf, bufsize))) >= 0 )
data/dnprogs-2.65/dncopy/dncopy.cc:414:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *arglist = (char *)malloc(strlen(env)+1);
data/dnprogs-2.65/dncopy/dncopy.cc:436:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pargv[count] = (char *)malloc(strlen(ptr)+1);
data/dnprogs-2.65/dncopy/dnetfile.cc:211:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int dnetfile::read(char *buf, int len)
data/dnprogs-2.65/dncopy/dnetfile.cc:319:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fname[strlen(fname)-1] == ':' ||
data/dnprogs-2.65/dncopy/dnetfile.cc:320:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-1] == ']')
data/dnprogs-2.65/dncopy/dnetfile.cc:358:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i < strlen(basename); i++)
data/dnprogs-2.65/dncopy/dnetfile.cc:373:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(pname, "\"");
data/dnprogs-2.65/dncopy/dnetfile.cc:376:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(pname, "\"");
data/dnprogs-2.65/dncopy/dnetfile.h:19:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(char *buf, int len);
data/dnprogs-2.65/dncopy/dnetfile_dap.cc:118:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char sentname[strlen(filname)+1];
data/dnprogs-2.65/dncopy/file.h:24:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(char *buf, int len) = 0;
data/dnprogs-2.65/dncopy/unixfile.cc:60:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(printname, "/");
data/dnprogs-2.65/dncopy/unixfile.cc:72:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int unixfile::read(char *buf, int len)
data/dnprogs-2.65/dncopy/unixfile.cc:214:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tmpname, "/");
data/dnprogs-2.65/dncopy/unixfile.h:14:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(char *buf, int len);
data/dnprogs-2.65/dndir/dndir.cc:266:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (dirname[0]) lastchar = dirname[strlen(dirname)-1];
data/dnprogs-2.65/dndir/dndir.cc:592:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) >= filename_width &&
data/dnprogs-2.65/dndir/dndir.cc:617:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) >= filename_width && *printed)
data/dnprogs-2.65/dndir/dndir.cc:626:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  printf("%-*s",(int)(filename_width-(strlen(name)-filename_width)), "");
data/dnprogs-2.65/dndir/dndir.cc:755:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  prot[strlen(prot)-1] = '\0';
data/dnprogs-2.65/dnetd/dnetd.c:107:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(binary_dir)+strlen(daemon_name)+1 > PATH_MAX)
data/dnprogs-2.65/dnetd/dnetd.c:107:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(binary_dir)+strlen(daemon_name)+1 > PATH_MAX)
data/dnprogs-2.65/dnetd/dnetd.c:113:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(name, "/");
data/dnprogs-2.65/dnetd/dnetd.c:118:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(daemon_name) > PATH_MAX)
data/dnprogs-2.65/dnetd/dnetd.c:140:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( (readnum=read(insock,ibuf,sizeof(ibuf))) > 0)
data/dnprogs-2.65/dnetd/task_server.c:64:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, (char*)sockaddr.sdn_objname, dn_ntohs(sockaddr.sdn_objnamel));
data/dnprogs-2.65/dnetd/task_server.c:75:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(name); i++)
data/dnprogs-2.65/dnetd/task_server.c:111:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(tryname, "/");
data/dnprogs-2.65/dnetd/task_server.c:164:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen("/dev/pty")] = c;
data/dnprogs-2.65/dnetd/task_server.c:165:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen("/dev/ptyC")] = '0';
data/dnprogs-2.65/dnetd/task_server.c:170:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen("/dev/ptyC")]= "0123456789abcdef"[i];
data/dnprogs-2.65/dnetd/task_server.c:187:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen("/dev/")] = 't';
data/dnprogs-2.65/dnetd/task_server.c:269:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cnt=read(pty,buf,sizeof(buf));
data/dnprogs-2.65/dnetd/task_server.c:275:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cnt=read(sock,buf,sizeof(buf));
data/dnprogs-2.65/dnlogin/dnlogin.c:75:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (len=read(termfd, inbuf, sizeof(inbuf))) <= 0)
data/dnprogs-2.65/dnlogin/found.c:281:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_accl = strlen((char *)accessdata.acc_acc);
data/dnprogs-2.65/dnlogin/tty.c:458:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tty_write(buf, strlen(buf));
data/dnprogs-2.65/dnroute/dneigh.c:174:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(un.sun_path, file, sizeof(un.sun_path) - 1);
data/dnprogs-2.65/dnroute/dneigh.c:215:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(progname);
data/dnprogs-2.65/dnroute/get_neigh.c:1086:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  oldmode = umask(0);
data/dnprogs-2.65/dnroute/get_neigh.c:1088:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(oldmode);
data/dnprogs-2.65/dnroute/hash.c:204:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return dm_hash_lookup_binary(t, key, strlen(key) + 1);
data/dnprogs-2.65/dnroute/hash.c:209:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return dm_hash_insert_binary(t, key, strlen(key) + 1, data);
data/dnprogs-2.65/dnroute/hash.c:214:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dm_hash_remove_binary(t, key, strlen(key) + 1);
data/dnprogs-2.65/dnroute/pidfile.c:44:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(fd, buf, strlen(buf)) != strlen(buf)) {
data/dnprogs-2.65/dnroute/pidfile.c:44:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(fd, buf, strlen(buf)) != strlen(buf)) {
data/dnprogs-2.65/dntask/dntask.c:82:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(sockfd, buf, sizeof(buf));
data/dnprogs-2.65/dntask/dntask.c:106:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(STDIN_FILENO, buf, sizeof(buf));
data/dnprogs-2.65/dntask/dntask.c:134:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( ((len = read(sockfd, buf, sizeof(buf)))) )
data/dnprogs-2.65/dntask/dntask.c:172:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 16)
data/dnprogs-2.65/dntask/dntask.c:210:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(sockaddr.sdn_objname, filename, strlen(filename));
data/dnprogs-2.65/dntask/dntask.c:211:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sockaddr.sdn_objnamel = dn_htons(strlen(filename));
data/dnprogs-2.65/dntask/dntask.c:450:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_accl = strlen((char *)accessdata.acc_acc);
data/dnprogs-2.65/dntask/dntask.c:464:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (password == NULL || strlen(password) > (unsigned int)MAX_PASSWORD)
data/dnprogs-2.65/dntask/dntask.c:474:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_userl = strlen(accessdata.acc_user);
data/dnprogs-2.65/dntask/dntask.c:475:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_passl = strlen(accessdata.acc_pass);
data/dnprogs-2.65/dntask/dntask.c:476:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_accl = strlen(accessdata.acc_acc);
data/dnprogs-2.65/fal/directory.cc:210:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (gl.gl_pathv[pathno][strlen(gl.gl_pathv[pathno])-1] == '/')
data/dnprogs-2.65/fal/directory.cc:260:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int lastdot = strlen(vmsname);
data/dnprogs-2.65/fal/directory.cc:271:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i< strlen(vmsname); i++)
data/dnprogs-2.65/fal/directory.cc:285:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i< strlen(vmsname); i++)
data/dnprogs-2.65/fal/fal.cc:117:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p.vroot[strlen(p.vroot)-1] != '/')
data/dnprogs-2.65/fal/fal.cc:118:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(p.vroot, "/");
data/dnprogs-2.65/fal/fal.cc:119:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p.vroot_len = strlen(p.vroot);
data/dnprogs-2.65/fal/open.cc:425:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  newchar = getc(stream);
data/dnprogs-2.65/fal/open.cc:605:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char cmd[strlen(gl.gl_pathv[glob_entry])+strlen(PRINT_COMMAND)+2];
data/dnprogs-2.65/fal/open.cc:605:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char cmd[strlen(gl.gl_pathv[glob_entry])+strlen(PRINT_COMMAND)+2];
data/dnprogs-2.65/fal/open.cc:696:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  int mask = umask(0);
data/dnprogs-2.65/fal/open.cc:697:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(mask);
data/dnprogs-2.65/fal/submit.cc:129:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char cmd[PATH_MAX + strlen(SUBMIT_COMMAND)+1];
data/dnprogs-2.65/fal/task.cc:93:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(name); i++)
data/dnprogs-2.65/fal/task.cc:97:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (allupper && strlen(name))
data/dnprogs-2.65/fal/task.cc:109:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int oldlen = strlen(name);
data/dnprogs-2.65/fal/task.cc:136:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(name, name + params.vroot_len-1, strlen(name)+1);
data/dnprogs-2.65/fal/task.cc:220:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastslash = fullname + strlen(fullname);
data/dnprogs-2.65/fal/task.cc:226:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(fullname, ".");
data/dnprogs-2.65/fal/task.cc:232:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fullname[strlen(fullname)-1] != '.')
data/dnprogs-2.65/fal/task.cc:233:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(fullname, ".");
data/dnprogs-2.65/fal/task.cc:246:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i=strlen(fullname);
data/dnprogs-2.65/fal/task.cc:266:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<(int)strlen(fullname); i++)
data/dnprogs-2.65/fal/task.cc:292:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(vmsname, "]");
data/dnprogs-2.65/fal/task.cc:315:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(vmsname, ".");
data/dnprogs-2.65/fal/task.cc:319:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vmsname[strlen(vmsname)-1] = ']';
data/dnprogs-2.65/fal/task.cc:361:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(file, ptr, strlen(ptr)+1);
data/dnprogs-2.65/fal/task.cc:383:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (file[strlen(file)-1] == '.')
data/dnprogs-2.65/fal/task.cc:384:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  file[strlen(file)-1] = '\0';
data/dnprogs-2.65/fal/task.cc:392:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (volume[strlen(volume)-1] == ':')
data/dnprogs-2.65/fal/task.cc:393:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  volume[strlen(volume)-1] = '\0';
data/dnprogs-2.65/fal/task.cc:399:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(unixname, "/");
data/dnprogs-2.65/fal/task.cc:405:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(unixname, "/");
data/dnprogs-2.65/fal/task.cc:409:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = strlen(unixname);
data/dnprogs-2.65/fal/task.cc:412:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i< (int)strlen(dir); i++)
data/dnprogs-2.65/fal/task.cc:461:35: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  if (strcmp(file, "*.*") == 0) strcpy(file, "*");
data/dnprogs-2.65/fal/task.cc:473:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strstr(unixname, ".dir") == unixname+strlen(unixname)-4)
data/dnprogs-2.65/fal/task.cc:475:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char dirname[strlen(unixname)+1];
data/dnprogs-2.65/fal/task.cc:498:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int i = strlen(filespec);
data/dnprogs-2.65/fal/task.cc:742:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strcmp(current->ext, name+(strlen(name) - current->len)) == 0)
data/dnprogs-2.65/fal/task.cc:830:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(extension, fileptr, extlen);
data/dnprogs-2.65/fal/task.cc:843:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(num, fileptr, numlen);
data/dnprogs-2.65/fal/task.cc:890:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(adfname, file, pathlen);
data/dnprogs-2.65/fal/task.cc:927:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(metafile, file, pathlen);
data/dnprogs-2.65/fal/task.cc:943:21: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  mode_t old_umask = umask(0);
data/dnprogs-2.65/fal/task.cc:945:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(old_umask);
data/dnprogs-2.65/fal/task.cc:947:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(metafile, "/");
data/dnprogs-2.65/fal/task.h:98:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(ext);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:161:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/libdaemon/dnet_daemon.c:161:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/libdaemon/dnet_daemon.c:178:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(bufp) > 20)
data/dnprogs-2.65/libdaemon/dnet_daemon.c:184:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(colons+2) > 65)
data/dnprogs-2.65/libdaemon/dnet_daemon.c:189:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(space+1) > 65)
data/dnprogs-2.65/libdaemon/dnet_daemon.c:205:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(local) == 0)
data/dnprogs-2.65/libdaemon/dnet_daemon.c:666:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/libdaemon/dnet_daemon.c:666:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/libdaemon/dnet_daemon.c:680:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *nextspace = bufp+strlen(bufp);
data/dnprogs-2.65/libdaemon/dnet_daemon.c:726:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(newobj->daemon, " ");
data/dnprogs-2.65/libdaemon/dnet_daemon.c:791:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bind_sockaddr.sdn_objnamel = dn_htons(strlen(object));
data/dnprogs-2.65/libdaemon/dnet_priv_check.c:66:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = &clients[strlen(clients) - 1];
data/dnprogs-2.65/libdaemon/dnetlog.c:76:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, outbuf, strlen(outbuf));
data/dnprogs-2.65/libdaemon/dnetlog.c:80:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, outbuf, strlen(outbuf));
data/dnprogs-2.65/libdap/connection.cc:161:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(object) > 16)
data/dnprogs-2.65/libdap/connection.cc:167:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(sockaddr.sdn_objname, object, strlen(object));
data/dnprogs-2.65/libdap/connection.cc:168:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sockaddr.sdn_objnamel = dn_htons(strlen(object));
data/dnprogs-2.65/libdap/connection.cc:223:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(object) > 16)
data/dnprogs-2.65/libdap/connection.cc:229:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(sockaddr.sdn_objname, object, strlen(object));
data/dnprogs-2.65/libdap/connection.cc:230:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sockaddr.sdn_objnamel = dn_htons(strlen(object));
data/dnprogs-2.65/libdap/connection.cc:260:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (password == NULL || strlen(password) > (unsigned int)MAX_PASSWORD)
data/dnprogs-2.65/libdap/connection.cc:269:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(accessdata.acc_user, user, strlen(user));
data/dnprogs-2.65/libdap/connection.cc:270:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(accessdata.acc_pass, password, strlen(password));
data/dnprogs-2.65/libdap/connection.cc:287:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_accl = strlen((char *)accessdata.acc_acc);
data/dnprogs-2.65/libdap/connection.cc:294:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_userl = strlen(user);
data/dnprogs-2.65/libdap/connection.cc:295:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_passl = strlen(password);
data/dnprogs-2.65/libdap/connection.cc:338:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int dap_connection::read(bool block)
data/dnprogs-2.65/libdap/connection.cc:389:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read(block);
data/dnprogs-2.65/libdap/connection.cc:660:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(object) > 16)
data/dnprogs-2.65/libdap/connection.cc:666:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(bind_sockaddr.sdn_objname, object, strlen(object));
data/dnprogs-2.65/libdap/connection.cc:667:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bind_sockaddr.sdn_objnamel = dn_htons(strlen(object));
data/dnprogs-2.65/libdap/connection.cc:915:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_userl = strlen((char *)accessdata.acc_user);
data/dnprogs-2.65/libdap/connection.cc:916:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_passl = strlen((char *)accessdata.acc_pass);
data/dnprogs-2.65/libdap/connection.cc:917:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  accessdata.acc_accl = strlen((char *)accessdata.acc_acc);
data/dnprogs-2.65/libdap/connection.h:32:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read(bool);
data/dnprogs-2.65/libdap/logging.cc:76:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, outbuf, strlen(outbuf));
data/dnprogs-2.65/libdap/logging.cc:80:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, outbuf, strlen(outbuf));
data/dnprogs-2.65/libdap/protocol.cc:49:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_bytes::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:121:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(newval);
data/dnprogs-2.65/libdap/protocol.cc:131:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_ex::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:219:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_image::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:285:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  real_length = strlen(s);
data/dnprogs-2.65/libdap/protocol.cc:495:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!m->read(c)) return NULL;
data/dnprogs-2.65/libdap/protocol.cc:624:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_config_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:626:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!bufsiz.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:627:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!ostype.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:628:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!filesys.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:629:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!version.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:630:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!syscap.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:679:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_attrib_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:681:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  attmenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:682:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(0) && !datatype.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:683:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(1) && !org.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:684:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(2) && !rfm.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:685:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(3) && !rat.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:686:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(4) && !bls.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:687:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(5) && !mrs.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:688:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(6) && !alq.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:689:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(7) && !bks.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:690:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(8) && !fsz.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:691:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(9) && !mrn.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:692:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(10) && !runsys.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:693:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(11) && !deq.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:694:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(12) && !fop.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:695:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(13) && !bsz.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:696:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(14) && !dev.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:697:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(15) && !sdc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:698:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(16) && !lrl.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:699:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(17) && !hbk.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:700:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(18) && !ebk.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:701:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(19) && !ffb.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:702:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (attmenu.get_bit(20) && !sbn.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:845:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_access_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:847:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!accfunc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:848:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!accopt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:849:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!filespec.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:850:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !fac.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:851:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !shr.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:852:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !display.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:853:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !password.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:947:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_control_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:949:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!ctlfunc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:950:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!ctlmenu.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:951:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(0) && !rac.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:952:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(1) && !key.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:953:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(2) && !krf.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:954:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(3) && !rop.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:955:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(4) && !hsh.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:956:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(5) && !display.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:957:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(6) && !blkcnt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:958:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ctlmenu.get_bit(7) && !usz.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1095:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_contran_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1097:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!confunc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1120:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_ack_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1137:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_accomp_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1139:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!cmpfunc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1140:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !fop.read(c)) return false; // Optional
data/dnprogs-2.65/libdap/protocol.cc:1141:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !check.read(c)) return false; // Optional
data/dnprogs-2.65/libdap/protocol.cc:1215:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_data_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1217:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!recnum.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1282:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_status_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1284:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!stscode.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1285:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !rfa.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1286:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !recnum.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1287:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (c.have_bytes(1) && !stv.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1888:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_name_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1890:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!nametype.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1891:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (!namespec.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1930:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_date_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:1932:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  datmenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:1933:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(0) && !cdt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1934:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(1) && !rdt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1935:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(2) && !edt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1936:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(3) && !rvn.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1937:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(4) && !bdt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1942:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(5) && !udt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:1943:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (datmenu.get_bit(6) && !udt.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2053:5: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  sscanf(d, "%02d-%3s-%02d %02d:%02d:%02d",
data/dnprogs-2.65/libdap/protocol.cc:2119:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(y2kdate, "0");
data/dnprogs-2.65/libdap/protocol.cc:2130:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_alloc_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:2132:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  allmenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:2133:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(0) && !vol.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2134:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(1) && !aln.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2135:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(2) && !aop.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2136:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(3) && !loc.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2137:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(4) && !rfi.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2138:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(5) && !alq.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2139:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(6) && !aid.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2140:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(7) && !bkz.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2141:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (allmenu.get_bit(8) && !deq.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2164:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_protect_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:2166:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  protmenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:2167:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (protmenu.get_bit(0) && !owner.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2168:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (protmenu.get_bit(1) && !protsys.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2169:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (protmenu.get_bit(2) && !protown.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2170:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (protmenu.get_bit(3) && !protgrp.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2171:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (protmenu.get_bit(4) && !protwld.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2328:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(prot);
data/dnprogs-2.65/libdap/protocol.cc:2402:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_summary_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:2404:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  summenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:2405:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (summenu.get_bit(0) && !nok.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2406:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (summenu.get_bit(1) && !noa.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2407:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (summenu.get_bit(2) && !nor.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2408:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (summenu.get_bit(3) && !pvn.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2469:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool dap_key_message::read(dap_connection &c)
data/dnprogs-2.65/libdap/protocol.cc:2471:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  keymenu.read(c);
data/dnprogs-2.65/libdap/protocol.cc:2472:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(0) && !flg.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2473:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(1) && !dfl.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2474:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(2) && !ifl.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2475:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(3) && !nsg.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2486:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pos[i]->read(c);
data/dnprogs-2.65/libdap/protocol.cc:2487:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  siz[i]->read(c);
data/dnprogs-2.65/libdap/protocol.cc:2490:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(4) && !ref.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2491:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(5) && !knm.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2492:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(6) && !nul.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2493:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(7) && !ian.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2494:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(8) && !lan.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2495:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(9) && !dan.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2496:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(10) && !dtp.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2497:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(11) && !rvb.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2498:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(12) && !hal.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2499:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(13) && !dvb.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2500:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(14) && !dbs.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2501:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(15) && !ibs.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2502:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(16) && !lvl.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2503:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(17) && !tks.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.cc:2504:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (keymenu.get_bit(18) && !mrl.read(c)) return false;
data/dnprogs-2.65/libdap/protocol.h:17:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual bool read(dap_connection&) = 0;
data/dnprogs-2.65/libdap/protocol.h:48:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual bool read(dap_connection&);
data/dnprogs-2.65/libdap/protocol.h:73:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual bool read(dap_connection&);
data/dnprogs-2.65/libdap/protocol.h:106:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual bool read(dap_connection&);
data/dnprogs-2.65/libdap/protocol.h:132:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual bool read(dap_connection&)=0;
data/dnprogs-2.65/libdap/protocol.h:199:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:285:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:494:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:585:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:683:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:707:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:723:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:765:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:795:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:843:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:905:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:933:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:963:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:1020:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdap/protocol.h:1053:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(dap_connection&); data/dnprogs-2.65/libdnet/dnet_conn.c:110:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(uname); data/dnprogs-2.65/libdnet/dnet_conn.c:113:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy((char*)sdn->sdn_objname, uname, len); data/dnprogs-2.65/libdnet/dnet_conn.c:125:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sdn->sdn_objnamel = dn_htons(strlen((char*)sdn->sdn_objname)); data/dnprogs-2.65/libdnet/dnet_conn.c:138:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/dnprogs-2.65/libdnet/dnet_conn.c:141:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy((char*)sdn->sdn_objname, name, len); data/dnprogs-2.65/libdnet/getnodename.c:56:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(name, nodename, len); data/dnprogs-2.65/libdnet/getobjectbyX.c:127:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(proto, cur, 16); data/dnprogs-2.65/libdnet/getobjectbyX.c:129:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(proto, cur, next-cur); data/dnprogs-2.65/libdnet/getobjectbyX.c:163:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(proto, cur, 16); data/dnprogs-2.65/libdnet/getobjectbyX.c:165:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(proto, cur, next-cur); data/dnprogs-2.65/libdnet/getobjectbyX.c:220:8: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if ( sscanf(line, "%15s %i %1024s\n", cname, &curr, rest) == 3 ) { data/dnprogs-2.65/libdnet/getobjectbyX.c:249:8: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if ( sscanf(line, "%15s %i %1024s\n", cname, &curr, rest) == 3 ) { data/dnprogs-2.65/libdnet/getobjectbyX.c:302:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(name, rname, name_len-1); data/dnprogs-2.65/librms/parse.cc:94:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (option_ptr+4 >= strlen(options)) return false; data/dnprogs-2.65/librms/parse.cc:97:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, &options[option_ptr], 3); data/dnprogs-2.65/librms/parse.cc:129:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (option_ptr < strlen(options)) data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:364:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in from_vax_r4() data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:584:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in from_vax_g8() data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:720:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in from_vax_h16() data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:979:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in to_vax_r4() data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:1214:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in to_vax_g8() data/dnprogs-2.65/libvaxdata/src/convert_vax_data.c:1345:22: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. #error MANTISSA_MASK mismatch in to_vax_h16() data/dnprogs-2.65/mail/configfile.c:46:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cfgline[strlen(cfgline)-1] == '\n') data/dnprogs-2.65/mail/configfile.c:47:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cfgline[strlen(cfgline)-1] = '\0'; data/dnprogs-2.65/mail/receive.c:67:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define read(x,y,z) dnet_recv(x,y,z,MSG_EOR) data/dnprogs-2.65/mail/receive.c:161:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(sock, remote_user, sizeof(remote_user)); data/dnprogs-2.65/mail/receive.c:179:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(sock, local_user, sizeof(local_user)); data/dnprogs-2.65/mail/receive.c:190:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(addressees, ","); data/dnprogs-2.65/mail/receive.c:200:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). addressees[strlen(addressees)-1] = '\0'; data/dnprogs-2.65/mail/receive.c:204:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<strlen(addressees); i++) data/dnprogs-2.65/mail/receive.c:210:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(sock, full_user, sizeof(full_user)); data/dnprogs-2.65/mail/receive.c:219:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
stat = read(sock, cc_addressees, sizeof(cc_addressees)); data/dnprogs-2.65/mail/receive.c:221:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<strlen(cc_addressees); i++) data/dnprogs-2.65/mail/receive.c:228:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(sock, subject, sizeof(subject)); data/dnprogs-2.65/mail/receive.c:238:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(sock, bcc, sizeof(bcc)); data/dnprogs-2.65/mail/receive.c:449:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(codestring, response, 3); data/dnprogs-2.65/mail/receive.c:564:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). stat = read(dnsock, buf, sizeof(buf)); data/dnprogs-2.65/mail/receive.c:597:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ( (len=read(dnsock, buf, sizeof(buf))) > 1) data/dnprogs-2.65/mail/sendvmsmail.c:100:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). input_line[strlen(input_line)-1] = '\0'; data/dnprogs-2.65/mail/sendvmsmail.c:105:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *subject = malloc(strlen(input_line)); data/dnprogs-2.65/mail/sendvmsmail.c:112:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*from = malloc(strlen(input_line)); data/dnprogs-2.65/mail/sendvmsmail.c:113:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *real_from = malloc(strlen(input_line)); data/dnprogs-2.65/mail/sendvmsmail.c:123:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *from = malloc(strlen(input_line)+strlen(config_hostname)); data/dnprogs-2.65/mail/sendvmsmail.c:123:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *from = malloc(strlen(input_line)+strlen(config_hostname)); data/dnprogs-2.65/mail/sendvmsmail.c:124:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *real_from = malloc(strlen(input_line)); data/dnprogs-2.65/mail/sendvmsmail.c:153:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *to = malloc(strlen(ptr)+1); data/dnprogs-2.65/mail/sendvmsmail.c:171:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(input_line)-1; data/dnprogs-2.65/mail/sendvmsmail.c:184:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*to = malloc(strlen(ptr)+1); data/dnprogs-2.65/mail/sendvmsmail.c:289:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). accessdata.acc_accl = strlen((char *)accessdata.acc_acc); data/dnprogs-2.65/mail/sendvmsmail.c:329:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(node, to, 7); // Guarantee we have a colon in the name data/dnprogs-2.65/mail/sendvmsmail.c:342:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(sockfd, from, strlen(from)) < 0) return -1; data/dnprogs-2.65/mail/sendvmsmail.c:345:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(sockfd, vmsuser, strlen(vmsuser)) < 0) return -1; data/dnprogs-2.65/mail/sendvmsmail.c:347:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). recvlen = read(sockfd, recvbuf, sizeof(recvbuf)); data/dnprogs-2.65/mail/sendvmsmail.c:354:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). recvlen = read(sockfd, recvbuf, sizeof(recvbuf)); data/dnprogs-2.65/mail/sendvmsmail.c:365:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(sockfd, to, strlen(to)) < 0) return -1; data/dnprogs-2.65/mail/sendvmsmail.c:366:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (write(sockfd, subject, strlen(subject)) < 0) return -1; data/dnprogs-2.65/mail/sendvmsmail.c:372:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (recvbuf[strlen(recvbuf)-1] == '\n') data/dnprogs-2.65/mail/sendvmsmail.c:373:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). recvbuf[strlen(recvbuf)-1] = '\0'; data/dnprogs-2.65/mail/sendvmsmail.c:382:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(sockfd, recvbuf, strlen(recvbuf)) < 0) return -1; data/dnprogs-2.65/mail/sendvmsmail.c:391:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). recvlen = read(sockfd, recvbuf, sizeof(recvbuf)); data/dnprogs-2.65/mail/sendvmsmail.c:395:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). recvlen = read(sockfd, recvbuf, sizeof(recvbuf)); data/dnprogs-2.65/mail/uulib/fptools.c:94:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((result = (char *) malloc (strlen (string) + 1)) == NULL) data/dnprogs-2.65/mail/uulib/fptools.c:399:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = string + strlen (string) - 1; data/dnprogs-2.65/mail/uulib/fptools.c:449:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((c = fgetc (stream)) == EOF) { data/dnprogs-2.65/mail/uulib/fptools.c:465:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((c = fgetc (stream)) != '\012') data/dnprogs-2.65/mail/uulib/uucheck.c:347:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (nofname); data/dnprogs-2.65/mail/uulib/uucheck.c:593:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). count = strlen(subject) - 1; data/dnprogs-2.65/mail/uulib/uucheck.c:665:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = (*whend += strlen (delim)); data/dnprogs-2.65/mail/uulib/uucheck.c:723:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (data->filename)+1); data/dnprogs-2.65/mail/uulib/uucheck.c:760:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(temp)+1):(strlen(result->filename)+1)); data/dnprogs-2.65/mail/uulib/uucheck.c:760:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(temp)+1):(strlen(result->filename)+1)); data/dnprogs-2.65/mail/uulib/uucheck.c:792:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(strlen(result->filename)+1):(strlen(temp)+1)); data/dnprogs-2.65/mail/uulib/uucheck.c:792:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(result->filename)+1):(strlen(temp)+1)); data/dnprogs-2.65/mail/uulib/uucheck.c:843:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(result->filename)+1):(strlen(temp)+1)); data/dnprogs-2.65/mail/uulib/uucheck.c:843:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(result->filename)+1):(strlen(temp)+1)); data/dnprogs-2.65/mail/uulib/uuencode.c:346:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). llen += strlen ((char *) eolstring); data/dnprogs-2.65/mail/uulib/uuencode.c:791:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (diskname) + ((uuencodeext)?strlen(uuencodeext):3) + 5; data/dnprogs-2.65/mail/uulib/uuencode.c:791:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (diskname) + ((uuencodeext)?strlen(uuencodeext):3) + 5; data/dnprogs-2.65/mail/uulib/uuencode.c:801:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = ((uusavepath)?strlen(uusavepath):0) + strlen (diskname) data/dnprogs-2.65/mail/uulib/uuencode.c:801:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((uusavepath)?strlen(uusavepath):0) + strlen (diskname) data/dnprogs-2.65/mail/uulib/uuencode.c:802:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + ((uuencodeext)?strlen(uuencodeext):0) + 5; data/dnprogs-2.65/mail/uulib/uuencode.c:813:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((uusavepath) ? strlen (uusavepath) : 0) + data/dnprogs-2.65/mail/uulib/uuencode.c:814:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(UUFNameFilter(infname)) + data/dnprogs-2.65/mail/uulib/uuencode.c:815:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((uuencodeext)?strlen(uuencodeext):0) + 5; data/dnprogs-2.65/mail/uulib/uuencode.c:835:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). optr = oname + strlen (oname); data/dnprogs-2.65/mail/uulib/uuencode.c:839:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
optr = oname + strlen (oname); data/dnprogs-2.65/mail/uulib/uuencode.c:1029:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((subject)?strlen(subject):0) + strlen(oname) + 40; data/dnprogs-2.65/mail/uulib/uuencode.c:1029:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((subject)?strlen(subject):0) + strlen(oname) + 40; data/dnprogs-2.65/mail/uulib/uuencode.c:1100:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((subject)?strlen(subject):0) + strlen (oname) + 40; data/dnprogs-2.65/mail/uulib/uuencode.c:1100:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = ((subject)?strlen(subject):0) + strlen (oname) + 40; data/dnprogs-2.65/mail/uulib/uuencode.c:1176:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(oname)>16)?"oops":oname); data/dnprogs-2.65/mail/uulib/uulib.c:285:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msgptr = uulib_msgstring + strlen (uulib_msgstring); data/dnprogs-2.65/mail/uulib/uulib.c:289:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
msgptr = uulib_msgstring + strlen (uulib_msgstring); data/dnprogs-2.65/mail/uulib/uulib.c:675:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uustring (S_OUT_OF_MEMORY), strlen(filename)+1); data/dnprogs-2.65/mail/uulib/uulib.c:691:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(filename)>255)? data/dnprogs-2.65/mail/uulib/uulib.c:692:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (filename+strlen(filename)-255):filename, data/dnprogs-2.65/mail/uulib/uulib.c:703:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). res = fgetc (datei); data/dnprogs-2.65/mail/uulib/uulib.c:924:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(uugen_fnbuffer)>255)? data/dnprogs-2.65/mail/uulib/uulib.c:925:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (uugen_fnbuffer+strlen(uugen_fnbuffer)-255):uugen_fnbuffer, data/dnprogs-2.65/mail/uulib/uunconc.c:195:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (string==NULL || (len=strlen(string))<3) data/dnprogs-2.65/mail/uulib/uunconc.c:540:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ptr = line + strlen (line); data/dnprogs-2.65/mail/uulib/uunconc.c:574:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = line + strlen(line); data/dnprogs-2.65/mail/uulib/uunconc.c:740:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp (line+2, boundary, strlen (boundary)) == 0) { data/dnprogs-2.65/mail/uulib/uunconc.c:741:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(boundary)+2]=='-') data/dnprogs-2.65/mail/uulib/uunconc.c:837:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp (line+2, boundary, strlen (boundary)) == 0) { data/dnprogs-2.65/mail/uulib/uunconc.c:838:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(boundary)+2]=='-') data/dnprogs-2.65/mail/uulib/uunconc.c:851:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = line + strlen (line); data/dnprogs-2.65/mail/uulib/uunconc.c:955:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp (line+2, boundary, strlen (boundary)) == 0) { data/dnprogs-2.65/mail/uulib/uunconc.c:956:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(boundary)+2]=='-') data/dnprogs-2.65/mail/uulib/uunconc.c:1203:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(data->filename)>255)? data/dnprogs-2.65/mail/uulib/uunconc.c:1204:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (data->filename+strlen(data->filename)-255):data->filename, data/dnprogs-2.65/mail/uulib/uunconc.c:1209:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(data->binfile)>255)? data/dnprogs-2.65/mail/uulib/uunconc.c:1210:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (data->binfile+strlen(data->binfile)-255):data->binfile, data/dnprogs-2.65/mail/uulib/uunconc.c:1347:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r[0] = fgetc (datain); data/dnprogs-2.65/mail/uulib/uuscan.c:182:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). llength = strlen (uuscan_shlline); data/dnprogs-2.65/mail/uulib/uuscan.c:198:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
c = fgetc (datei); data/dnprogs-2.65/mail/uulib/uuscan.c:213:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc (datei); data/dnprogs-2.65/mail/uulib/uuscan.c:244:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = strlen (ptr); data/dnprogs-2.65/mail/uulib/uuscan.c:470:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (_FP_strnicmp (line, *iter, strlen (*iter)) == 0) data/dnprogs-2.65/mail/uulib/uuscan.c:478:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (_FP_strnicmp (line, *iter, strlen (*iter)) == 0) data/dnprogs-2.65/mail/uulib/uuscan.c:543:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). blen = strlen (boundary); data/dnprogs-2.65/mail/uulib/uuscan.c:659:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (isspace (result->filename[strlen(result->filename)-1])) data/dnprogs-2.65/mail/uulib/uuscan.c:660:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result->filename[strlen(result->filename)-1] = '\0'; data/dnprogs-2.65/mail/uulib/uuscan.c:1355:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  blen = strlen (sstate.envelope.boundary);
data/dnprogs-2.65/mail/uulib/uuscan.c:1518:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  blen = strlen (multistack[mssdepth-1].envelope.boundary);
data/dnprogs-2.65/mail/uulib/uuscan.c:1609:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr1 = line + 2 + strlen (sstate.envelope.boundary);
data/dnprogs-2.65/mail/uulib/uuscan.c:1841:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  blen = strlen (sstate.envelope.boundary);
data/dnprogs-2.65/mail/uulib/uuscan.c:2008:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  blen = strlen (sstate.envelope.boundary);
data/dnprogs-2.65/multinet/multinet.c:418:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(tunfd, buf, sizeof(buf));
data/dnprogs-2.65/nml/nml.c:201:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(n->n_name) | (exec?0x80:0);
data/dnprogs-2.65/nml/nml.c:202:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&buf[ptr], n->n_name, strlen(n->n_name));
data/dnprogs-2.65/nml/nml.c:203:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(n->n_name);
data/dnprogs-2.65/nml/nml.c:211:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(device);
data/dnprogs-2.65/nml/nml.c:213:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(device);
data/dnprogs-2.65/nml/nml.c:261:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(rn->n_name);
data/dnprogs-2.65/nml/nml.c:263:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(rn->n_name);
data/dnprogs-2.65/nml/nml.c:295:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(ident);
data/dnprogs-2.65/nml/nml.c:297:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(ident);
data/dnprogs-2.65/nml/nml.c:531:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/nml/nml.c:531:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
data/dnprogs-2.65/nml/nml.c:545:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *nextspace = bufp+strlen(bufp);
data/dnprogs-2.65/nml/nml.c:577:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(newobj->daemon, " ");
data/dnprogs-2.65/nml/nml.c:637:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(obj->name);
data/dnprogs-2.65/nml/nml.c:639:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr+=strlen(obj->name);
data/dnprogs-2.65/nml/nml.c:650:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(obj->daemon);
data/dnprogs-2.65/nml/nml.c:652:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr+=strlen(obj->daemon);
data/dnprogs-2.65/nml/nml.c:659:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(obj->user);
data/dnprogs-2.65/nml/nml.c:661:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr+=strlen(obj->user);
data/dnprogs-2.65/nml/nml.c:759:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(ruser);
data/dnprogs-2.65/nml/nml.c:760:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&buf[ptr], ruser, strlen(ruser));
data/dnprogs-2.65/nml/nml.c:761:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(ruser);
data/dnprogs-2.65/nml/nml.c:766:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(luser);
data/dnprogs-2.65/nml/nml.c:767:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&buf[ptr], luser, strlen(luser));
data/dnprogs-2.65/nml/nml.c:768:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(luser);
data/dnprogs-2.65/nml/nml.c:778:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[ptr++] = strlen(nent->n_name);
data/dnprogs-2.65/nml/nml.c:780:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(&buf[ptr], nent->n_name, strlen(nent->n_name));
data/dnprogs-2.65/nml/nml.c:781:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr += strlen(nent->n_name);
data/dnprogs-2.65/nml/nml.c:858:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  status = read(sock, buf, sizeof(buf));
data/dnprogs-2.65/phone/backend.c:71:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(local_name); i++)
data/dnprogs-2.65/phone/backend.c:95:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(local_name); i++)
data/dnprogs-2.65/phone/backend.c:131:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(localname)+1; // make sure it includes \0
data/dnprogs-2.65/phone/backend.c:225:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(cmd) > 0)
data/dnprogs-2.65/phone/backend.c:246:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] == '\n')
data/dnprogs-2.65/phone/backend.c:247:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf)-1] = '\r';
data/dnprogs-2.65/phone/backend.c:250:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (buf[strlen(buf)-1] != '\r')
data/dnprogs-2.65/phone/backend.c:251:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(buf, "\r");
data/dnprogs-2.65/phone/backend.c:254:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send_data(fds[i].out_fd, buf, strlen(buf));
data/dnprogs-2.65/phone/backend.c:334:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(outbuf+strlen(outbuf)+1, fds[i].remote_name);
data/dnprogs-2.65/phone/backend.c:335:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(out_fd, outbuf, strlen(outbuf)+strlen(fds[i].remote_name)+1) < 0)
data/dnprogs-2.65/phone/backend.c:335:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(out_fd, outbuf, strlen(outbuf)+strlen(fds[i].remote_name)+1) < 0)
data/dnprogs-2.65/phone/backend.c:352:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(out_fd, outbuf, strlen(outbuf)+1) < 0)
data/dnprogs-2.65/phone/backend.c:391:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  status = read(fd, buf, sizeof(buf));
data/dnprogs-2.65/phone/backend.c:394:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *text = buf+strlen(buf)+1;
data/dnprogs-2.65/phone/backend.c:546:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fds[i].out_fd, buf, strlen(buf)+1);
data/dnprogs-2.65/phone/backend.c:579:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(buf+strlen(buf)+1, text, len);
data/dnprogs-2.65/phone/backend.c:581:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, buf, strlen(buf)+1+len);
data/dnprogs-2.65/phone/backend.c:595:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, buf, strlen(buf)+1);
data/dnprogs-2.65/phone/backend.c:598:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, buf, strlen(buf)+1);
data/dnprogs-2.65/phone/backend.c:613:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf[strlen(buf)+1] = dial_flag;
data/dnprogs-2.65/phone/backend.c:614:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(dial_fd, buf, strlen(buf)+2);
data/dnprogs-2.65/phone/backend.c:616:2: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(dial_fd, buf, 1);
data/dnprogs-2.65/phone/backend.c:643:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, buf, strlen(buf)+1);
data/dnprogs-2.65/phone/backend.c:663:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!colons || strlen(colons) < 3)
data/dnprogs-2.65/phone/backend.c:726:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(newuser); i++)
data/dnprogs-2.65/phone/backend.c:734:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(msg+strlen(msg)+1, newuser);
data/dnprogs-2.65/phone/backend.c:736:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(sockfd, msg, strlen(msg)+strlen(newuser)+1) < 0)
data/dnprogs-2.65/phone/backend.c:736:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(sockfd, msg, strlen(msg)+strlen(newuser)+1) < 0)
data/dnprogs-2.65/phone/backend.c:744:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (len=read(sockfd, buf, 1)) < 1)
data/dnprogs-2.65/phone/backend.c:783:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(user_pipe, inhead, 2) < 2) return -1;
data/dnprogs-2.65/phone/backend.c:784:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(user_pipe, inbuf, inhead[0]) <= 0) return -1;
data/dnprogs-2.65/phone/backend.c:905:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( (status=read(sockfd, buf, sizeof(buf))) > 0)
data/dnprogs-2.65/phone/gtkphonesrc.c:95:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  full_filename = g_malloc (strlen (directory) + 1 + strlen (filename) + 1);
data/dnprogs-2.65/phone/gtkphonesrc.c:95:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  full_filename = g_malloc (strlen (directory) + 1 + strlen (filename) + 1);
data/dnprogs-2.65/phone/gtkphonesrc.c:650:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *node = malloc(strlen(nodename)+1);
data/dnprogs-2.65/phone/gtkphonesrc.c:762:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *node = malloc(strlen(nodename)+1);
data/dnprogs-2.65/phone/phone_gtk.c:136:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send_data(userinfo[i].out_fd, text, strlen(text));
data/dnprogs-2.65/phone/phone_gtk.c:261:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j<strlen(msg); j++)
data/dnprogs-2.65/phone/phone_ncurses.c:560:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j=0; j<strlen(msg); j++)
data/dnprogs-2.65/phone/phone_ncurses.c:670:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Screen_Width/2-strlen(userinfo[win].name)/2, "%s",
data/dnprogs-2.65/phone/phone_server.c:78:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(local_name); i++)
data/dnprogs-2.65/phone/phone_server.c:99:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uptr = strchr((buf+strlen(buf)+1), ':') + 2;
data/dnprogs-2.65/phone/phone_server.c:102:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i<=strlen(uptr); i++)
data/dnprogs-2.65/phone/phone_server.c:175:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, message, strlen(message));
data/dnprogs-2.65/phone/phone_server.c:291:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(proc_fd, cmdline, sizeof(cmdline));
data/dnprogs-2.65/phone/phone_server.c:308:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, message, strlen(message));
data/dnprogs-2.65/phone/phone_server.c:347:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msghead[0] = strlen(fdarray[decnet_fd].remote_user)+1; // send NUL
data/dnprogs-2.65/phone/phone_server.c:432:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ( (status = read(fdarray[entry].fd, buf, sizeof(buf))) >0 )
data/dnprogs-2.65/phone/phone_server.c:439:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(fdarray[entry].local_user, buf+strlen(buf)+1);
data/dnprogs-2.65/phone/phone_server.c:500:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fdarray[entry].fd, &len, 1) <= 0)
data/dnprogs-2.65/phone/phone_server.c:512:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fdarray[entry].fd, fdarray[entry].local_user, len);

ANALYSIS SUMMARY:

Hits = 1777
Lines analyzed = 51323 in approximately 1.55 seconds (33072 lines/second)
Physical Source Lines of Code (SLOC) = 37934
Hits@level = [0] 937 [1] 594 [2] 784 [3] 54 [4] 335 [5] 10
Hits@level+ = [0+] 2714 [1+] 1777 [2+] 1183 [3+] 399 [4+] 345 [5+] 10
Hits/KSLOC@level+ = [0+] 71.5453 [1+] 46.8445 [2+] 31.1857 [3+] 10.5183 [4+] 9.09474 [5+] 0.263616
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.