Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hcxtools-6.0.2/com_aes.c
Examining data/hcxtools-6.0.2/com_formats.c
Examining data/hcxtools-6.0.2/com_md5_64.c
Examining data/hcxtools-6.0.2/com_md5_64.h
Examining data/hcxtools-6.0.2/com_wpa.c
Examining data/hcxtools-6.0.2/common.c
Examining data/hcxtools-6.0.2/common.h
Examining data/hcxtools-6.0.2/hcxessidtool.c
Examining data/hcxtools-6.0.2/hcxhash2cap.c
Examining data/hcxtools-6.0.2/hcxhashcattool.c
Examining data/hcxtools-6.0.2/hcxhashtool.c
Examining data/hcxtools-6.0.2/hcxmactool.c
Examining data/hcxtools-6.0.2/hcxpcapngtool.c
Examining data/hcxtools-6.0.2/hcxpcaptool.c
Examining data/hcxtools-6.0.2/hcxpmkidtool.c
Examining data/hcxtools-6.0.2/hcxpsktool.c
Examining data/hcxtools-6.0.2/hcxwltool.c
Examining data/hcxtools-6.0.2/include/byteops.c
Examining data/hcxtools-6.0.2/include/fileops.c
Examining data/hcxtools-6.0.2/include/fileops.h
Examining data/hcxtools-6.0.2/include/gzops.c
Examining data/hcxtools-6.0.2/include/gzops.h
Examining data/hcxtools-6.0.2/include/hashcatops.c
Examining data/hcxtools-6.0.2/include/hashcatops.h
Examining data/hcxtools-6.0.2/include/hashops.c
Examining data/hcxtools-6.0.2/include/hashops.h
Examining data/hcxtools-6.0.2/include/hcxessidtool.h
Examining data/hcxtools-6.0.2/include/hcxhash2cap.h
Examining data/hcxtools-6.0.2/include/hcxhashtool.h
Examining data/hcxtools-6.0.2/include/hcxmactool.h
Examining data/hcxtools-6.0.2/include/hcxpcapngtool.h
Examining data/hcxtools-6.0.2/include/hcxpcaptool.h
Examining data/hcxtools-6.0.2/include/hcxpmkidtool.h
Examining data/hcxtools-6.0.2/include/hcxpsktool.h
Examining data/hcxtools-6.0.2/include/hcxwltool.h
Examining data/hcxtools-6.0.2/include/ieee80211.c
Examining data/hcxtools-6.0.2/include/ieee80211.h
Examining data/hcxtools-6.0.2/include/ieee80211.old.c
Examining data/hcxtools-6.0.2/include/ieee80211.old.h
Examining data/hcxtools-6.0.2/include/johnops.c
Examining data/hcxtools-6.0.2/include/pcap.c
Examining data/hcxtools-6.0.2/include/pcap.h
Examining data/hcxtools-6.0.2/include/strings.c
Examining data/hcxtools-6.0.2/whoismac.c
Examining data/hcxtools-6.0.2/wlancap2wpasec.c
Examining data/hcxtools-6.0.2/wlanhcx2john.c
Examining data/hcxtools-6.0.2/wlanhcx2ssid.c
Examining data/hcxtools-6.0.2/wlanhcxcat.c
Examining data/hcxtools-6.0.2/wlanhcxinfo.c
Examining data/hcxtools-6.0.2/wlanjohn2hcx.c
Examining data/hcxtools-6.0.2/wlanpmk2hcx.c
Examining data/hcxtools-6.0.2/wlanwkp2hcx.c
FINAL RESULTS:
data/hcxtools-6.0.2/hcxhashtool.c:1493:1: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(ouinameuserpath, ouinameuser, PATH_MAX -1);
data/hcxtools-6.0.2/hcxhashtool.c:1549:1: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(ouinameuserpath, ouipath, PATH_MAX -1);
data/hcxtools-6.0.2/hcxhashtool.c:1558:1: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(ouinameuserpath, ouiname, PATH_MAX -1);
data/hcxtools-6.0.2/hcxmactool.c:723:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(ouinameuserhome, ouinameuser, PATH_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4563:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(pmkideapolprefix, pmkideapolsuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4567:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(essidprefix, essidsuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4571:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(identityprefix, identitysuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4575:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(usernameprefix, usernamesuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4579:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(eapmd5prefix, eapmd5suffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4583:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(eapleapprefix, eapleapsuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4587:2: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(nmeaprefix, nmeasuffix, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/com_formats.c:204:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%08x%08x%08x%08x:%02x%02x%02x%02x%02x%02x:%02x%02x%02x%02x%02x%02x:%s:%s",
data/hcxtools-6.0.2/com_formats.c:213:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%08x%08x%08x%08x:%02x%02x%02x%02x%02x%02x:%02x%02x%02x%02x%02x%02x:%s",
data/hcxtools-6.0.2/hcxpcaptool.c:6971:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pcapnghwinfo, unknown);
data/hcxtools-6.0.2/hcxpcaptool.c:6972:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pcapngosinfo, unknown);
data/hcxtools-6.0.2/hcxpcaptool.c:6973:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pcapngapplinfo, unknown);
data/hcxtools-6.0.2/hcxpcaptool.c:7649:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixhccapxname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7653:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefix16800name, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7657:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixnetntlm1name, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7661:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixmd5name, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7665:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixtacacspname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7669:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixessidname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7673:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixidentityname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7677:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixusername, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7681:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefiximsiname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7685:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixnetworkname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7689:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixtrafficname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7693:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixstaessidname, prefixoutname);
data/hcxtools-6.0.2/hcxpcaptool.c:7697:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixdeviceinfoname, prefixoutname);
data/hcxtools-6.0.2/include/pcap.c:39:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newcapdumpname, capdumpname);
data/hcxtools-6.0.2/wlanhcx2ssid.c:307:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keyveroutname, "%s.%x.hccapx", keyvername, keyver);
data/hcxtools-6.0.2/wlanhcx2ssid.c:793:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(vendoroutname, vendorstring);
data/hcxtools-6.0.2/wlanhcx2ssid.c:794:1: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(vendoroutname,hccapxstr);
data/hcxtools-6.0.2/hcxessidtool.c:1198:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxhash2cap.c:55:1: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/hcxtools-6.0.2/hcxhash2cap.c:1608:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxhashcattool.c:595:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "p:P:hv")) != -1)
data/hcxtools-6.0.2/hcxhashtool.c:1760:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxmactool.c:853:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxpcapngtool.c:4432:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxpcaptool.c:355:1: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/hcxtools-6.0.2/hcxpcaptool.c:7378:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxpmkidtool.c:534:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxpsktool.c:1992:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/hcxwltool.c:696:18: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((auswahl = getopt_long (argc, argv, short_options, long_options, &index)) != -1)
data/hcxtools-6.0.2/whoismac.c:469:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "m:v:p:P:e:x:dh")) != -1)
data/hcxtools-6.0.2/wlancap2wpasec.c:158:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "k:u:t:e:Rhv")) != -1)
data/hcxtools-6.0.2/wlanhcx2john.c:236:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "o:hv")) != -1)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1312:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "i:A:S:O:V:E:X:x:p:l:L:w:W:r:R:N:n:g:G:0:1:2:3:4:5:k:F:D:asoeh")) != -1)
data/hcxtools-6.0.2/wlanhcxcat.c:696:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "i:e:p:P:w:o:hv")) != -1)
data/hcxtools-6.0.2/wlanhcxinfo.c:696:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "i:j:o:aAsSMRwpPlehv")) != -1)
data/hcxtools-6.0.2/wlanjohn2hcx.c:327:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "o:e:hv")) != -1)
data/hcxtools-6.0.2/wlanpmk2hcx.c:214:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "i:o:j:e:p:h")) != -1)
data/hcxtools-6.0.2/wlanwkp2hcx.c:258:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((auswahl = getopt(argc, argv, "o:e:hv")) != -1)
data/hcxtools-6.0.2/com_formats.c:8:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr, "Pairwise key expansion", 22);
data/hcxtools-6.0.2/com_formats.c:11:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 22, hcxrecord->mac_ap.addr, 6);
data/hcxtools-6.0.2/com_formats.c:12:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 28, hcxrecord->mac_sta.addr, 6);
data/hcxtools-6.0.2/com_formats.c:16:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 22, hcxrecord->mac_sta.addr, 6);
data/hcxtools-6.0.2/com_formats.c:17:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 28, hcxrecord->mac_ap.addr, 6);
data/hcxtools-6.0.2/com_formats.c:21:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 34, hcxrecord->nonce_ap, 32);
data/hcxtools-6.0.2/com_formats.c:22:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 66, hcxrecord->nonce_sta, 32);
data/hcxtools-6.0.2/com_formats.c:26:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 34, hcxrecord->nonce_sta, 32);
data/hcxtools-6.0.2/com_formats.c:27:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 66, hcxrecord->nonce_ap, 32);
data/hcxtools-6.0.2/com_formats.c:34:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr, "Pairwise key expansion", 23);
data/hcxtools-6.0.2/com_formats.c:37:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 23, hcxrecord->mac_ap.addr, 6);
data/hcxtools-6.0.2/com_formats.c:38:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 29, hcxrecord->mac_sta.addr, 6);
data/hcxtools-6.0.2/com_formats.c:42:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 23, hcxrecord->mac_sta.addr, 6);
data/hcxtools-6.0.2/com_formats.c:43:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pke_ptr + 29, hcxrecord->mac_ap.addr, 6);
data/hcxtools-6.0.2/com_formats.c:48:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 35, hcxrecord->nonce_ap, 32);
data/hcxtools-6.0.2/com_formats.c:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 67, hcxrecord->nonce_sta, 32);
data/hcxtools-6.0.2/com_formats.c:53:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 35, hcxrecord->nonce_sta, 32);
data/hcxtools-6.0.2/com_formats.c:54:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pke_ptr + 67, hcxrecord->nonce_ap, 32);
data/hcxtools-6.0.2/com_formats.c:69:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwstr[256];
data/hcxtools-6.0.2/com_formats.c:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidstr[256];
data/hcxtools-6.0.2/com_formats.c:84:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hashrec.salt_buf, hcxrecord->essid, hcxrecord->essid_len);
data/hcxtools-6.0.2/com_formats.c:109:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapol_ptr, hcxrecord->eapol, hcxrecord->eapol_len);
data/hcxtools-6.0.2/com_formats.c:113:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&hashrec.keymic, hcxrecord->keymic, 16);
data/hcxtools-6.0.2/com_formats.c:191:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstr, hcxrecord->essid, hcxrecord->essid_len);
data/hcxtools-6.0.2/com_formats.c:202:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pwstr, password, pwlen);
data/hcxtools-6.0.2/com_wpa.c:40:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/common.h:735:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[258];
data/hcxtools-6.0.2/common.h:756:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usernames[258];
data/hcxtools-6.0.2/common.h:757:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usernamec[258];
data/hcxtools-6.0.2/hcxessidtool.c:100:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(essidmacapoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:138:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(essidmacapoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:176:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:212:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:300:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit[16] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
data/hcxtools-6.0.2/hcxessidtool.c:302:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char groupoutname[256];
data/hcxtools-6.0.2/hcxessidtool.c:324:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(&groupoutname[ceo], ".hccapx");
data/hcxtools-6.0.2/hcxessidtool.c:326:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(groupoutname, O_WRONLY | O_CREAT | O_APPEND, 0644)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:378:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapxoutname, O_WRONLY | O_CREAT | O_APPEND, 0644)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:401:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapx2outname, O_WRONLY | O_CREAT | O_APPEND, 0644)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:430:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapx1outname, O_WRONLY | O_CREAT | O_APPEND, 0644)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:458:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapx12outname, O_WRONLY | O_CREAT, 0644)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:519:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapx2name, O_RDONLY)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:572:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapx1name, O_RDONLY)) == -1)
data/hcxtools-6.0.2/hcxessidtool.c:674:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit[16] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
data/hcxtools-6.0.2/hcxessidtool.c:676:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char groupoutname[256];
data/hcxtools-6.0.2/hcxessidtool.c:698:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(&groupoutname[ceo], ".16800");
data/hcxtools-6.0.2/hcxessidtool.c:699:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(groupoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:751:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:772:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkid2outname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:798:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkid1outname, "a")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:824:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkid12outname, "w+")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:903:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKID_LINE_LEN];
data/hcxtools-6.0.2/hcxessidtool.c:917:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkid2name, "r")) == NULL)
data/hcxtools-6.0.2/hcxessidtool.c:1008:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKID_LINE_LEN];
data/hcxtools-6.0.2/hcxessidtool.c:1022:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkid1name, "r")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:107:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE], &m1wpa1data, M1WPA1DATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:109:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, macsta, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:110:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:111:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:167:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE], &m1wpa2data, M1WPA2DATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:169:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, macsta, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:170:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:171:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:226:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE], &m1wpa2keyver3data, M1WPA2KEYVER3DATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:228:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, macsta, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:229:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:230:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:284:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE], &pmkiddata, PMKIDDATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:286:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, macsta, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:287:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:288:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:289:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +0x8b], pmkid, 16);
data/hcxtools-6.0.2/hcxhash2cap.c:322:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE], &m2data, M2DATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:324:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:325:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macsta, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:326:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:327:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +M2DATA_SIZE], eapol, eapollen);
data/hcxtools-6.0.2/hcxhash2cap.c:328:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +M2DATA_SIZE +0x51], mic, 16);
data/hcxtools-6.0.2/hcxhash2cap.c:365:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, &mac_broadcast, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:366:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:367:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:378:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid, essidlen);
data/hcxtools-6.0.2/hcxhash2cap.c:379:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen], &beacondata, BEACONDATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:417:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, &mac_broadcast, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:418:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:419:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:430:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid, essidlen);
data/hcxtools-6.0.2/hcxhash2cap.c:431:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen], &beacondata, BEACONDATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:469:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr1, &mac_broadcast, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:470:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr2, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:471:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mach->addr3, macap, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:482:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2], essid, essidlen);
data/hcxtools-6.0.2/hcxhash2cap.c:483:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packetout[PCAPREC_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +2 +essidlen], &beacondata, BEACONDATA_SIZE);
data/hcxtools-6.0.2/hcxhash2cap.c:582:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKIDEAPOL_LINE_LEN +1];
data/hcxtools-6.0.2/hcxhash2cap.c:590:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char singlecapname[PATH_MAX +2];
data/hcxtools-6.0.2/hcxhash2cap.c:592:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpmkideapol = fopen(pmkideapolname, "r")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:621:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hash, &buffer, 16);
data/hcxtools-6.0.2/hcxhash2cap.c:628:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&macap, &buffer, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:634:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&macsta, &buffer, 6);
data/hcxtools-6.0.2/hcxhash2cap.c:641:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essid, &buffer, essidlen);
data/hcxtools-6.0.2/hcxhash2cap.c:674:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&anonce, &buffer, 32);
data/hcxtools-6.0.2/hcxhash2cap.c:682:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&eapol, &buffer, eapauthlen);
data/hcxtools-6.0.2/hcxhash2cap.c:798:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKID_LINE_LEN];
data/hcxtools-6.0.2/hcxhash2cap.c:803:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char singlecapname[PATH_MAX +2];
data/hcxtools-6.0.2/hcxhash2cap.c:805:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpmkid = fopen(pmkidname, "r")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:908:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char singlecapname[PATH_MAX +2];
data/hcxtools-6.0.2/hcxhash2cap.c:920:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hccapxname, "rb")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:1098:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char singlecapname[PATH_MAX +2];
data/hcxtools-6.0.2/hcxhash2cap.c:1112:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhc = fopen(hccapname, "rb")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:1300:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/hcxhash2cap.c:1302:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char singlecapname[PATH_MAX +2];
data/hcxtools-6.0.2/hcxhash2cap.c:1303:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[JOHN_LINE_LEN];
data/hcxtools-6.0.2/hcxhash2cap.c:1305:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char atoi64[0x100];
data/hcxtools-6.0.2/hcxhash2cap.c:1307:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhjohn = fopen(johnname, "r")) == NULL)
data/hcxtools-6.0.2/hcxhash2cap.c:1364:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata, ptressid, essidlen);
data/hcxtools-6.0.2/hcxhashcattool.c:80:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpmk = fopen(pmkname, "w")) == NULL)
data/hcxtools-6.0.2/hcxhashcattool.c:218:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkliste->pmk, pmktmp->pmk, 32);
data/hcxtools-6.0.2/hcxhashcattool.c:221:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkliste->essid, pmktmp->essid, pmktmp->essidlen);
data/hcxtools-6.0.2/hcxhashcattool.c:224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkliste->psk, pmktmp->psk, pmktmp->psklen);
data/hcxtools-6.0.2/hcxhashcattool.c:250:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmk, pmktmp->pmk, 32);
data/hcxtools-6.0.2/hcxhashcattool.c:253:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, pmktmp->essid, pmktmp->essidlen);
data/hcxtools-6.0.2/hcxhashcattool.c:256:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->psk, pmktmp->psk, pmktmp->psklen);
data/hcxtools-6.0.2/hcxhashcattool.c:322:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmktmp.essid, essidptr, essidlen);
data/hcxtools-6.0.2/hcxhashcattool.c:361:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmktmp.psk, pskptr, psklen);
data/hcxtools-6.0.2/hcxhashcattool.c:448:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmktmp.psk, psk_ptr, psklen);
data/hcxtools-6.0.2/hcxhashcattool.c:496:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char potline[256];
data/hcxtools-6.0.2/hcxhashcattool.c:498:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpot = fopen(potname, "r")) == NULL)
data/hcxtools-6.0.2/hcxhashcattool.c:521:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pmkline[256];
data/hcxtools-6.0.2/hcxhashcattool.c:523:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpmk = fopen(pmkname, "r")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 23);
data/hcxtools-6.0.2/hcxhashtool.c:250:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:251:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:255:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:256:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:261:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:262:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:266:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:267:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:293:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 22);
data/hcxtools-6.0.2/hcxhashtool.c:296:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:297:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:301:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:302:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:306:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:307:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:311:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:312:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:337:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxhashtool.c:338:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:339:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:391:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 23);
data/hcxtools-6.0.2/hcxhashtool.c:394:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:395:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:399:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:400:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:405:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:406:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:410:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:411:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:443:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 22);
data/hcxtools-6.0.2/hcxhashtool.c:446:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:447:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:451:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:452:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:457:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:461:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:462:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:466:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/hcxhashtool.c:498:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxhashtool.c:499:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:500:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:576:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/hcxhashtool.c:593:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/hcxhashtool.c:594:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ap[6];
data/hcxtools-6.0.2/hcxhashtool.c:595:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client[6];
data/hcxtools-6.0.2/hcxhashtool.c:596:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char snonce[32];
data/hcxtools-6.0.2/hcxhashtool.c:597:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char anonce[32];
data/hcxtools-6.0.2/hcxhashtool.c:598:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/hcxhashtool.c:601:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/hcxhashtool.c:638:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.essid, zeiger->essid, zeiger->essidlen);
data/hcxtools-6.0.2/hcxhashtool.c:639:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.ap, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:640:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.client, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:641:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.anonce, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:642:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:643:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, zeiger->hash, 16);
data/hcxtools-6.0.2/hcxhashtool.c:646:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, zeiger->eapol, zeiger->eapauthlen);
data/hcxtools-6.0.2/hcxhashtool.c:676:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_john = fopen(johnoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:698:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/hcxhashtool.c:699:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ap[6];
data/hcxtools-6.0.2/hcxhashtool.c:700:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client[6];
data/hcxtools-6.0.2/hcxhashtool.c:701:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char snonce[32];
data/hcxtools-6.0.2/hcxhashtool.c:702:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char anonce[32];
data/hcxtools-6.0.2/hcxhashtool.c:703:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/hcxhashtool.c:706:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/hcxhashtool.c:741:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.essid, zeiger->essid, zeiger->essidlen);
data/hcxtools-6.0.2/hcxhashtool.c:742:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.ap, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:743:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.client, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:744:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.anonce, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:745:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:746:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, zeiger->hash, 16);
data/hcxtools-6.0.2/hcxhashtool.c:749:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, zeiger->eapol, zeiger->eapauthlen);
data/hcxtools-6.0.2/hcxhashtool.c:765:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char groupoutname[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:776:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_hccap = fopen(groupoutname, "a")) == NULL) continue;
data/hcxtools-6.0.2/hcxhashtool.c:795:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_hccap = fopen(hccapoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:870:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.essid, zeiger->essid, zeiger->essidlen);
data/hcxtools-6.0.2/hcxhashtool.c:871:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.ap, zeiger->ap, 6);
data/hcxtools-6.0.2/hcxhashtool.c:872:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.client, zeiger->client, 6);
data/hcxtools-6.0.2/hcxhashtool.c:873:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.anonce, zeiger->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:874:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxhashtool.c:876:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.eapol, zeiger->eapol, zeiger->eapauthlen);
data/hcxtools-6.0.2/hcxhashtool.c:878:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.keymic, zeiger->hash, 16);
data/hcxtools-6.0.2/hcxhashtool.c:897:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_hccapx = fopen(hccapxoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:923:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_essid = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1020:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char digit[16] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
data/hcxtools-6.0.2/hcxhashtool.c:1022:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char groupoutname[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:1039:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(&groupoutname[ceo], ".22000");
data/hcxtools-6.0.2/hcxhashtool.c:1040:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(groupoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1064:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char groupoutname[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:1070:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(groupoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1094:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char groupoutname[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:1100:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(groupoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1124:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char groupoutname[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:1130:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(groupoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1156:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(pmkideapoloutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1261:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_info = fopen(infooutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:1356:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKIDEAPOL_LINE_LEN +1];
data/hcxtools-6.0.2/hcxhashtool.c:1384:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->hash, &buffer, 16);
data/hcxtools-6.0.2/hcxhashtool.c:1391:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, &buffer, 6);
data/hcxtools-6.0.2/hcxhashtool.c:1398:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, &buffer, 6);
data/hcxtools-6.0.2/hcxhashtool.c:1405:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, &buffer, essidlen);
data/hcxtools-6.0.2/hcxhashtool.c:1421:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, &buffer, 32);
data/hcxtools-6.0.2/hcxhashtool.c:1429:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, &buffer, eapauthlen);
data/hcxtools-6.0.2/hcxhashtool.c:1485:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ouinameuserpath[PATH_MAX +1];
data/hcxtools-6.0.2/hcxhashtool.c:1486:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[OUI_LINE_LEN +1];
data/hcxtools-6.0.2/hcxhashtool.c:1497:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_oui = fopen(usedoui, "r")) == NULL) return;
data/hcxtools-6.0.2/hcxhashtool.c:1543:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ouinameuserpath[PATH_MAX];
data/hcxtools-6.0.2/hcxhashtool.c:1560:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoui = fopen(ouinameuserpath, "w")) == NULL)
data/hcxtools-6.0.2/hcxhashtool.c:2044:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(pmkideapolinname, "r")) == NULL)
data/hcxtools-6.0.2/hcxmactool.c:156:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapxoutname, O_WRONLY | O_CREAT | O_APPEND, 0644)) == -1)
data/hcxtools-6.0.2/hcxmactool.c:228:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&anoncetemp, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxmactool.c:229:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wpak->nonce, hccapx->noncesta, 32);
data/hcxtools-6.0.2/hcxmactool.c:230:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hccapx->noncesta, &anoncetemp, 32);
data/hcxtools-6.0.2/hcxmactool.c:260:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkideapoloutname, "a+")) == NULL)
data/hcxtools-6.0.2/hcxmactool.c:346:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd_file = open(hccapxinname, O_RDONLY)) == -1)
data/hcxtools-6.0.2/hcxmactool.c:410:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxmactool.c:493:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkideapoloutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxmactool.c:599:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKID_LINE_LEN];
data/hcxtools-6.0.2/hcxmactool.c:613:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkidinname, "r")) == NULL)
data/hcxtools-6.0.2/hcxmactool.c:711:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ouinameuserhome[PATH_MAX +1];
data/hcxtools-6.0.2/hcxmactool.c:712:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[OUI_LINE_LEN];
data/hcxtools-6.0.2/hcxmactool.c:743:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/hcxpcapngtool.c:46:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ap[6];
data/hcxtools-6.0.2/hcxpcapngtool.c:47:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client[6];
data/hcxtools-6.0.2/hcxpcapngtool.c:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char snonce[32];
data/hcxtools-6.0.2/hcxpcapngtool.c:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char anonce[32];
data/hcxtools-6.0.2/hcxpcapngtool.c:50:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/hcxpcapngtool.c:53:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/hcxpcapngtool.c:265:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pcapnghwinfo[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:266:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pcapngosinfo[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:267:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pcapngapplinfo[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:268:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pcapngoptioninfo[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:269:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pcapngweakcandidate[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:272:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nmeasentence[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:273:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gpwplold[OPTIONLEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:347:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapnghwinfo, nastring, 3);
data/hcxtools-6.0.2/hcxpcapngtool.c:348:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngosinfo, nastring, 3);
data/hcxtools-6.0.2/hcxpcapngtool.c:349:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngapplinfo, nastring, 3);
data/hcxtools-6.0.2/hcxpcapngtool.c:350:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngoptioninfo, nastring, 3);
data/hcxtools-6.0.2/hcxpcapngtool.c:351:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngweakcandidate, nastring, 3);
data/hcxtools-6.0.2/hcxpcapngtool.c:638:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char timestringmin[32];
data/hcxtools-6.0.2/hcxpcapngtool.c:639:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char timestringmax[32];
data/hcxtools-6.0.2/hcxpcapngtool.c:693:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gpwpl[NMEA_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:714:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&gpwplold, &gpwpl, gpwpllen);
data/hcxtools-6.0.2/hcxpcapngtool.c:799:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapleaphashlistptr->leaprequest, leaprequest, LEAPREQ_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:800:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapleaphashlistptr->leapresponse, leapresponse, LEAPRESP_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:802:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapleaphashlistptr->leapusername, leapusername, leapusernamelen);
data/hcxtools-6.0.2/hcxpcapngtool.c:830:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macfm, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:831:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macto, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:834:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->leaprequest, eapleap->leapdata, LEAPREQ_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:841:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->leapusername, leapusernameptr, leapusernamelen);
data/hcxtools-6.0.2/hcxpcapngtool.c:857:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macto, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:858:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macfm, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:861:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->leapresponse, eapleap->leapdata, LEAPRESP_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:950:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapmd5hashlistptr->md5request, challenge, EAPMD5_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:951:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapmd5hashlistptr->md5response, response, EAPMD5_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:973:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macfm, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:974:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macto, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:977:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->md5, eapmd5->md5data, EAPMD5_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:985:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macto, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:986:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macfm, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:989:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->md5, eapmd5->md5data, EAPMD5_LEN_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:1005:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/hcxpcapngtool.c:1025:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxpcapngtool.c:1026:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1027:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], macsta, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1070:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&eapoldata, eapolmessage, eapollen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1080:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 23);
data/hcxtools-6.0.2/hcxpcapngtool.c:1083:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1084:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, macsta, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1088:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, macsta, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1089:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1094:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, nonceap, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1095:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1099:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, nonceap, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 22);
data/hcxtools-6.0.2/hcxpcapngtool.c:1125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1126:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, macsta, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, macsta, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1131:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1135:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, nonceap, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1136:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1141:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, nonceap, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/hcxpcapngtool.c:1219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&eapoltemp, zeigerhs->eapol, zeigerhs->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1246:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.ap, zeigerhs->ap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1247:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.client, zeigerhs->client, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1248:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.anonce, zeigerhs->anonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1249:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1250:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, &wpak->keymic, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:1253:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, &eapoltemp, zeigerhs->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1279:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.essid, zeigermac->essid, zeigermac->essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1280:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.ap, zeigerhs->ap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1281:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.client, zeigerhs->client, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1282:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.anonce, zeigerhs->anonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1283:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1285:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.eapol, &eapoltemp, zeigerhs->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1287:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.keymic, wpak->keymic, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:1300:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.essid, zeigermac->essid, zeigermac->essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1301:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.ap, zeigerhs->ap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1302:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.client, zeigerhs->client, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1303:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.anonce, zeigerhs->anonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1304:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.snonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1305:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, wpak->keymic, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:1308:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, &eapoltemp, zeigerhs->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1551:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->ap, msgap->ap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1552:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->client, msgclient->client, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1553:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->anonce, msgap->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1554:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->pmkid, msgap->pmkid, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1556:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->eapol, msgclient->eapol, msgclient->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1583:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->ap, msgap->ap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1584:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->client, msgclient->client, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1585:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->anonce, msgap->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1586:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->pmkid, msgap->pmkid, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:1588:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakelistptr->eapol, msgclient->eapol, msgclient->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:1634:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1635:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1636:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->pmkid, pmkid, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:1657:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1658:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:1659:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidlistptr->pmkid, pmkid, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:1968:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmkid, ieptr, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:2027:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, &tagptr->data[0], tagptr->len);
data/hcxtools-6.0.2/hcxpcapngtool.c:2126:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2127:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2130:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:2132:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, eapauthptr, zeiger->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2241:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeigerakt->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2242:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeigerakt->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2245:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeigerakt->nonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:2386:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2387:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2390:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:2392:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, eapauthptr, zeiger->eapauthlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2404:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmkid, tags.pmkid, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:2517:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->client, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2518:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->ap, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2521:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpak->nonce, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:2557:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmkid, pmkid->pmkid, 16);
data/hcxtools-6.0.2/hcxpcapngtool.c:2718:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2720:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2755:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2757:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2797:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2799:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2834:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2836:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2892:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2894:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2913:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2915:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2947:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macclient, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2949:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:2985:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:2987:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:3032:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->addr, macap, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:3034:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aplistptr->essid, tags.essid, tags.essidlen);
data/hcxtools-6.0.2/hcxpcapngtool.c:3506:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapnghwinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcapngtool.c:3514:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngosinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcapngtool.c:3522:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngapplinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcapngtool.c:3530:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngdeviceinfo, option->data, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:3550:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngdeviceinfo, option->data, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:3555:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(option->option_length == 6) memcpy(&myaktap, &option->data, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:3580:35: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(option->option_length == 32) memcpy(&myaktanonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:3584:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(option->option_length == 6) memcpy(&myaktclient, &option->data, 6);
data/hcxtools-6.0.2/hcxpcapngtool.c:3588:35: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(option->option_length == 32) memcpy(&myaktsnonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcapngtool.c:3592:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(option->option_length < 64) memcpy(&pcapngweakcandidate, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcapngtool.c:3600:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nmeasentence, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcapngtool.c:3968:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpoutname[PATH_MAX +1];
data/hcxtools-6.0.2/hcxpcapngtool.c:3981:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd_pcap = open(pcapnameptr, O_RDONLY);
data/hcxtools-6.0.2/hcxpcapngtool.c:4084:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[RAW_LEN_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4088:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_raw_in = fopen(rawinname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4354:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pmkideapolprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4355:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char eapmd5prefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4356:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char eapleapprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4357:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4358:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char identityprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4359:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char usernameprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4360:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char nmeaprefix[PATH_MAX];
data/hcxtools-6.0.2/hcxpcapngtool.c:4592:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapol = fopen(pmkideapoloutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4600:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_eapmd5 = fopen(eapmd5outname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4608:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_eapmd5john = fopen(eapmd5johnoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4616:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_eapleap = fopen(eapleapoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4624:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_essid = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4632:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_identity = fopen(identityoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4640:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_username = fopen(usernameoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4648:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_nmea = fopen(nmeaoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4656:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_raw_out = fopen(rawoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4664:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_log = fopen(logoutname, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4673:35: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkideapoljtrdeprecated = fopen(pmkideapoljtroutnamedeprecated, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4682:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_pmkiddeprecated = fopen(pmkidoutnamedeprecated, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4690:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_hccapxdeprecated = fopen(hccapxoutnamedeprecated, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcapngtool.c:4698:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_hccapdeprecated = fopen(hccapoutnamedeprecated, "a")) == NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:295:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcapnghwinfo[1024];
data/hcxtools-6.0.2/hcxpcaptool.c:296:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcapngosinfo[1024];
data/hcxtools-6.0.2/hcxpcaptool.c:297:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcapngapplinfo[1024];
data/hcxtools-6.0.2/hcxpcaptool.c:298:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcapngoptioninfo[1024];
data/hcxtools-6.0.2/hcxpcaptool.c:300:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char weakcandidate[64];
data/hcxtools-6.0.2/hcxpcaptool.c:302:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nmeasentence[NMEA_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:556:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mintimestring[32];
data/hcxtools-6.0.2/hcxpcaptool.c:557:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char maxtimestring[32];
data/hcxtools-6.0.2/hcxpcaptool.c:944:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxpcaptool.c:945:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:946:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1014:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&eapoldata, eapolmessage, eapollen);
data/hcxtools-6.0.2/hcxpcaptool.c:1026:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 23);
data/hcxtools-6.0.2/hcxpcaptool.c:1029:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1030:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1034:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +23, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1035:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +29, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1040:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, nonceap, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1041:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, noncesta, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1045:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +35, noncesta, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1046:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +67, nonceap, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1073:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr, "Pairwise key expansion", 22);
data/hcxtools-6.0.2/hcxpcaptool.c:1076:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1077:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1081:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +22, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1082:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkeptr +28, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:1086:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, nonceap, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1087:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, noncesta, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1091:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +34, noncesta, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1092:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkeptr +66, nonceap, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:1096:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/hcxpcaptool.c:1115:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmbuf[64], pcktimestr[512];
data/hcxtools-6.0.2/hcxpcaptool.c:1171:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(essidoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1201:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(staessidoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1231:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(pmkoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1261:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(trafficoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1366:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(wpa12bestoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1385:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1389:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1410:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1414:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1439:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(wpa12bestoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1478:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1524:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1598:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hccapxbestoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1628:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1684:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1725:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hccapbestoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1755:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1818:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1859:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(johnbestoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:1889:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:1951:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2055:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hccapxrawoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2079:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2084:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2115:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hccaprawoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2139:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2151:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2189:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(johnrawoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2213:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2225:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2281:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hcpmkidoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2330:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2358:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hcpmkidoldoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2404:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidold, zeigeressid->essid, zeigeressid->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:2443:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hcpmkidrawoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2475:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(hcpmkidrawoldoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2515:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(netntlm1outname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2567:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digestsha1[SHA_DIGEST_LENGTH];
data/hcxtools-6.0.2/hcxpcaptool.c:2571:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(netntlm1outname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2629:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(md5outname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2664:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(md5johnoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2710:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(tacacspoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2743:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(useroutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2772:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(identityoutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2813:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(imsioutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:2828:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gpwpl[NMEA_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:2869:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tacacspliste->data, data, len);
data/hcxtools-6.0.2/hcxpcaptool.c:2897:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->data, data, len);
data/hcxtools-6.0.2/hcxpcaptool.c:2919:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md5liste->data, data, len);
data/hcxtools-6.0.2/hcxpcaptool.c:2945:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->data, data, len);
data/hcxtools-6.0.2/hcxpcaptool.c:2967:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(leap2liste->data, data, count);
data/hcxtools-6.0.2/hcxpcaptool.c:2969:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(leap2liste->username, username, usernamelen);
data/hcxtools-6.0.2/hcxpcaptool.c:2995:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->data, data, count);
data/hcxtools-6.0.2/hcxpcaptool.c:2997:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->username, username, usernamelen);
data/hcxtools-6.0.2/hcxpcaptool.c:3019:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(leapliste->data, data, count);
data/hcxtools-6.0.2/hcxpcaptool.c:3021:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(leapliste->username, username, usernamelen);
data/hcxtools-6.0.2/hcxpcaptool.c:3048:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->data, data, count);
data/hcxtools-6.0.2/hcxpcaptool.c:3050:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->username, username, usernamelen);
data/hcxtools-6.0.2/hcxpcaptool.c:3106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawhandshakeliste->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3107:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawhandshakeliste->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3110:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawhandshakeliste->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawhandshakeliste->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3152:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3153:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3157:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3160:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3173:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3174:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3177:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3179:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3207:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3208:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3211:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3213:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->mac_ap, zeigerap->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3250:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->mac_sta, &myaktsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3253:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->nonce, &myaktsnonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->eapol, zeigerap->eapol, zeigerap->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3285:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerap->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3286:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, &myaktsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3289:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, &myaktsnonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3291:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerap->eapol, zeigerap->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3346:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3350:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3352:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handshakeliste->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3391:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3392:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3396:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3399:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3412:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3413:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3416:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3418:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3430:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3431:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3434:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3436:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3447:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3448:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3451:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3453:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3464:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3465:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3468:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3470:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3481:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3482:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3485:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3487:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3498:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3499:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3502:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3504:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3540:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, zeigerea->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3541:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, zeigerea->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3544:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->nonce, wpaeo->nonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:3546:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, zeigerea->eapol, zeigerea->authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3753:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3754:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3755:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->pmkid, pmkid->pmkid, 16);
data/hcxtools-6.0.2/hcxpcaptool.c:3787:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3788:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3789:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmkid, pmkid->pmkid, 16);
data/hcxtools-6.0.2/hcxpcaptool.c:3882:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapolliste->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3883:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapolliste->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3887:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eapolliste->eapol, authpacket, authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3902:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3903:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3907:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->eapol, authpacket, authlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3934:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->mac_ap, zeiger1->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3935:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->mac_sta, zeiger1->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3938:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->essid, zeiger1->essid, zeiger1->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3951:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->mac_ap, zeiger1->mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3952:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->mac_sta, zeiger1->mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3955:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger2->essid, zeiger1->essid, zeiger1->essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:3998:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apstaessidliste->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:3999:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apstaessidliste->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4000:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apstaessidliste->essid, essid, essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:4017:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, mac_ap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4018:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, mac_sta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4019:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, essid, essidlen);
data/hcxtools-6.0.2/hcxpcaptool.c:4176:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->mac_ap, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->mac_sta, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4178:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pmkidliste->pmkid, stapmkid, 16);
data/hcxtools-6.0.2/hcxpcaptool.c:4200:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_ap, macap, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4201:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->mac_sta, macsta, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:4202:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->pmkid, stapmkid, 16);
data/hcxtools-6.0.2/hcxpcaptool.c:4290:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(deviceinfooutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:4948:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(imsioutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:4985:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoutlist = fopen(imsioutname, "a+")) != NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:5628:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestring[64];
data/hcxtools-6.0.2/hcxpcaptool.c:6005:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngdeviceinfo, option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6012:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktap, &option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6040:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktanonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:6047:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktsta, &option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6054:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktsnonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:6062:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&weakcandidate, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6070:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nmeasentence, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6119:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngoptioninfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6160:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapnghwinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6168:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngosinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6176:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngapplinfo, option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6184:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngdeviceinfo, option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6212:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pcapngdeviceinfo, option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6219:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktap, &option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6247:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktanonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:6254:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktsta, &option->data, 6);
data/hcxtools-6.0.2/hcxpcaptool.c:6261:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktsnonce, &option->data, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:6269:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&weakcandidate, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6278:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nmeasentence, &option->data, option->option_length);
data/hcxtools-6.0.2/hcxpcaptool.c:6961:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpoutname[PATH_MAX+1];
data/hcxtools-6.0.2/hcxpcaptool.c:6970:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&myaktanonce, &mynonce, 32);
data/hcxtools-6.0.2/hcxpcaptool.c:6988:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pcapr_fd = open(pcapinname, O_RDONLY);
data/hcxtools-6.0.2/hcxpcaptool.c:7326:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixhccapxname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7327:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix16800name[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7328:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixnetntlm1name[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7329:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixmd5name[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7330:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixtacacspname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7331:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixessidname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7332:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixidentityname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7333:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixusername[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7334:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefiximsiname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7335:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixnetworkname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7336:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixtrafficname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7337:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixstaessidname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7338:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixdeviceinfoname[PATH_MAX];
data/hcxtools-6.0.2/hcxpcaptool.c:7619:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhgpx = fopen(gpxoutname, "w+")) == NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:7631:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhnmea = fopen(nmeaoutname, "a+")) == NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:7640:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhexmode = fopen(hexmodeoutname, "a+")) == NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:7704:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fheapol = fopen(eapoloutname, "a+")) == NULL)
data/hcxtools-6.0.2/hcxpcaptool.c:7713:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhnetwork = fopen(networkoutname, "a+")) == NULL)
data/hcxtools-6.0.2/hcxpmkidtool.c:161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxpmkidtool.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], &macap, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:163:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], &macsta, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:168:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->pmk, &pmk, 32);
data/hcxtools-6.0.2/hcxpmkidtool.c:171:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->psk, zeiger->psk, zeiger->len);
data/hcxtools-6.0.2/hcxpmkidtool.c:187:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pskinline[PSKLEN *2 +5];
data/hcxtools-6.0.2/hcxpmkidtool.c:225:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->psk, &pskinline, plen);
data/hcxtools-6.0.2/hcxpmkidtool.c:242:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(wordlistname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpmkidtool.c:282:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkout, args[c].pmk, 32);
data/hcxtools-6.0.2/hcxpmkidtool.c:285:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pskout, args[c].psk, args[c].psklen);
data/hcxtools-6.0.2/hcxpmkidtool.c:312:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkout, args[c].pmk, 32);
data/hcxtools-6.0.2/hcxpmkidtool.c:315:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pskout, args[c].psk, args[c].psklen);
data/hcxtools-6.0.2/hcxpmkidtool.c:342:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkn, 8);
data/hcxtools-6.0.2/hcxpmkidtool.c:343:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], &macap, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:344:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], &macsta, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:350:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkout, &pmk, 32);
data/hcxtools-6.0.2/hcxpmkidtool.c:363:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psk[PSKLEN];
data/hcxtools-6.0.2/hcxpmkidtool.c:394:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&psk, wordname, len);
data/hcxtools-6.0.2/hcxpmkidtool.c:405:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt, pmkname, 8);
data/hcxtools-6.0.2/hcxpmkidtool.c:406:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[8], &macap, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:407:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&salt[14], &macsta, 6);
data/hcxtools-6.0.2/hcxpmkidtool.c:412:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkout, &pmk, 32);
data/hcxtools-6.0.2/hcxpmkidtool.c:415:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pskout, psk, len);
data/hcxtools-6.0.2/hcxpsktool.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lowerpskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char upperpskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:101:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:188:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:241:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:273:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:300:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:490:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:521:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:565:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidstring[PSKSTRING_LEN_MAX +PSKSTRING_LEN_MAX +PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:772:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:806:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sweepstring, &essid[l2], l1);
data/hcxtools-6.0.2/hcxpsktool.c:818:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:887:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:905:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:926:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1008:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1051:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1095:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1183:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1202:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1275:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1339:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char macstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1340:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char digestmd5[MD5_DIGEST_LENGTH];
data/hcxtools-6.0.2/hcxpsktool.c:1417:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1460:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char essidtmp[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1482:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pskstring[PSKSTRING_LEN_MAX] = {};
data/hcxtools-6.0.2/hcxpsktool.c:1552:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apessidliste->essid, essid, essidlen);
data/hcxtools-6.0.2/hcxpsktool.c:1569:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zeiger->essid, essid, essidlen);
data/hcxtools-6.0.2/hcxpsktool.c:1617:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKID_LINE_LEN];
data/hcxtools-6.0.2/hcxpsktool.c:1620:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkidname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpsktool.c:1676:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[PMKIDEAPOL_LINE_LEN];
data/hcxtools-6.0.2/hcxpsktool.c:1679:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(pmkideapolname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpsktool.c:1756:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[JOHN_LINE_LEN];
data/hcxtools-6.0.2/hcxpsktool.c:1758:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_file = fopen(johnname, "r")) == NULL)
data/hcxtools-6.0.2/hcxpsktool.c:1838:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hccapxname, "rb")) == NULL)
data/hcxtools-6.0.2/hcxpsktool.c:1887:32: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(essidlen <= ESSID_LEN_MAX) memcpy(&essid, essidname, essidlen);
data/hcxtools-6.0.2/hcxpsktool.c:2111:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpsk = fopen(pskname, "w")) == NULL)
data/hcxtools-6.0.2/hcxwltool.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:61:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:131:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lineout, &linein[l], slen);
data/hcxtools-6.0.2/hcxwltool.c:192:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:223:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:273:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:279:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lineout, &linein[l], slen);
data/hcxtools-6.0.2/hcxwltool.c:301:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:344:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:350:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lineout, &linein[l], slen);
data/hcxtools-6.0.2/hcxwltool.c:361:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lineout[LINEIN_MAX] = {};
data/hcxtools-6.0.2/hcxwltool.c:570:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[LINEIN_MAX];
data/hcxtools-6.0.2/hcxwltool.c:572:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_in = fopen(wordlistinname, "r")) == NULL)
data/hcxtools-6.0.2/hcxwltool.c:763:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fh_out = fopen(wordlistoutname, "w")) == NULL)
data/hcxtools-6.0.2/include/fileops.c:31:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmbuf[64];
data/hcxtools-6.0.2/include/gzops.c:10:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pcapr_fd = open(pcapinname, O_RDONLY);
data/hcxtools-6.0.2/include/gzops.c:30:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[CHUNK];
data/hcxtools-6.0.2/include/gzops.c:31:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[CHUNK];
data/hcxtools-6.0.2/include/gzops.c:42:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fhin = fopen (gzname, "rb");
data/hcxtools-6.0.2/include/gzops.c:49:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fhout = fopen (tmpoutname, "wb");
data/hcxtools-6.0.2/include/hashcatops.c:58:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.essid, zeiger->essid, 32);
data/hcxtools-6.0.2/include/hashcatops.c:59:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.mac_ap, zeiger->mac_ap, 6);
data/hcxtools-6.0.2/include/hashcatops.c:60:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.mac_sta, zeiger->mac_sta, 6);
data/hcxtools-6.0.2/include/hashcatops.c:63:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.nonce_ap, wpak->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:64:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.nonce_sta, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.nonce_ap, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.nonce_sta, wpak->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:72:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.eapol, zeiger->eapol, zeiger->authlen);
data/hcxtools-6.0.2/include/hashcatops.c:73:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccapx.keymic, wpak->keymic, 16);
data/hcxtools-6.0.2/include/hashcatops.c:95:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.essid, zeiger->essid, 32);
data/hcxtools-6.0.2/include/hashcatops.c:96:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.mac1, zeiger->mac_ap, 6);
data/hcxtools-6.0.2/include/hashcatops.c:97:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.mac2, zeiger->mac_sta, 6);
data/hcxtools-6.0.2/include/hashcatops.c:100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce1, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:101:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce2, wpak->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce1, wpak->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce2, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/hashcatops.c:109:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, zeiger->eapol, zeiger->authlen);
data/hcxtools-6.0.2/include/hashcatops.c:110:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, wpak->keymic, 16);
data/hcxtools-6.0.2/include/hashcatops.h:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/include/hashcatops.h:33:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac1[6]; /* bssid */
data/hcxtools-6.0.2/include/hashcatops.h:34:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac2[6]; /* client */
data/hcxtools-6.0.2/include/hashcatops.h:35:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce1[32]; /* snonce client */
data/hcxtools-6.0.2/include/hashcatops.h:36:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce2[32]; /* anonce bssid */
data/hcxtools-6.0.2/include/hashcatops.h:37:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/include/hashcatops.h:40:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/include/hcxhashtool.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vendor[VENDOR_LEN_MAX];
data/hcxtools-6.0.2/include/hcxmactool.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vendor[OUI_LINE_LEN];
data/hcxtools-6.0.2/include/hcxpmkidtool.h:18:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psk[PSKLEN];
data/hcxtools-6.0.2/include/ieee80211.h:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[WLAN_DEVNAMELEN_MAX];
data/hcxtools-6.0.2/include/ieee80211.old.h:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[WLAN_DEVNAMELEN_MAX];
data/hcxtools-6.0.2/include/johnops.c:4:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/include/johnops.c:18:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void mac2asciilong(char ssid[18], unsigned char *p)
data/hcxtools-6.0.2/include/johnops.c:20:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x-%02x-%02x-%02x-%02x-%02x",p[0],p[1],p[2],p[3],p[4],p[5]);
data/hcxtools-6.0.2/include/johnops.c:24:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void mac2ascii(char ssid[13], unsigned char *p)
data/hcxtools-6.0.2/include/johnops.c:26:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x%02x%02x%02x%02x%02x",p[0],p[1],p[2],p[3],p[4],p[5]);
data/hcxtools-6.0.2/include/johnops.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sta_mac[18];
data/hcxtools-6.0.2/include/johnops.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ap_mac[18];
data/hcxtools-6.0.2/include/johnops.c:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ap_mac_long[13];
data/hcxtools-6.0.2/include/johnops.c:95:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.essid, zeiger->essid, 32);
data/hcxtools-6.0.2/include/johnops.c:96:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.mac1, zeiger->mac_ap, 6);
data/hcxtools-6.0.2/include/johnops.c:97:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.mac2, zeiger->mac_sta, 6);
data/hcxtools-6.0.2/include/johnops.c:100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce1, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/johnops.c:101:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce2, wpak->nonce, 32);
data/hcxtools-6.0.2/include/johnops.c:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce1, wpak->nonce, 32);
data/hcxtools-6.0.2/include/johnops.c:106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.nonce2, zeiger->nonce, 32);
data/hcxtools-6.0.2/include/johnops.c:109:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.eapol, zeiger->eapol, zeiger->authlen);
data/hcxtools-6.0.2/include/johnops.c:110:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hccap.keymic, wpak->keymic, 16);
data/hcxtools-6.0.2/include/pcap.c:36:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newcapdumpname[PATH_MAX +2];
data/hcxtools-6.0.2/include/pcap.c:47:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(newcapdumpname, O_WRONLY | O_CREAT, 0644);
data/hcxtools-6.0.2/whoismac.c:36:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoui = fopen(ouiname, "w")) == NULL)
data/hcxtools-6.0.2/whoismac.c:155:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[LINEBUFFER];
data/hcxtools-6.0.2/whoismac.c:157:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vendorapname[256];
data/hcxtools-6.0.2/whoismac.c:158:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vendorstaname[256];
data/hcxtools-6.0.2/whoismac.c:189:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhoui = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/whoismac.c:257:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[LINEBUFFER];
data/hcxtools-6.0.2/whoismac.c:259:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vendorapname[256];
data/hcxtools-6.0.2/whoismac.c:260:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vendorstaname[256];
data/hcxtools-6.0.2/whoismac.c:287:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidbuffer, essidptr, l);
data/hcxtools-6.0.2/whoismac.c:289:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhoui = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/whoismac.c:340:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linein[LINEBUFFER];
data/hcxtools-6.0.2/whoismac.c:341:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vendorapname[256];
data/hcxtools-6.0.2/whoismac.c:348:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhoui = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/whoismac.c:391:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[LINEBUFFER];
data/hcxtools-6.0.2/whoismac.c:394:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fhoui = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/wlancap2wpasec.c:151:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyheader[4+32+1] = {0};
data/hcxtools-6.0.2/wlanhcx2john.c:22:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/wlanhcx2john.c:23:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac1[6]; /* bssid */
data/hcxtools-6.0.2/wlanhcx2john.c:24:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac2[6]; /* client */
data/hcxtools-6.0.2/wlanhcx2john.c:25:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce1[32]; /* snonce client */
data/hcxtools-6.0.2/wlanhcx2john.c:26:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce2[32]; /* anonce bssid */
data/hcxtools-6.0.2/wlanhcx2john.c:27:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/wlanhcx2john.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/wlanhcx2john.c:42:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/wlanhcx2john.c:56:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void mac2asciilong(char ssid[18], unsigned char *p)
data/hcxtools-6.0.2/wlanhcx2john.c:58:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x-%02x-%02x-%02x-%02x-%02x",p[0],p[1],p[2],p[3],p[4],p[5]);
data/hcxtools-6.0.2/wlanhcx2john.c:62:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void mac2ascii(char ssid[13], unsigned char *p)
data/hcxtools-6.0.2/wlanhcx2john.c:64:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x%02x%02x%02x%02x%02x",p[0],p[1],p[2],p[3],p[4],p[5]);
data/hcxtools-6.0.2/wlanhcx2john.c:72:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sta_mac[18];
data/hcxtools-6.0.2/wlanhcx2john.c:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ap_mac[18];
data/hcxtools-6.0.2/wlanhcx2john.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ap_mac_long[13];
data/hcxtools-6.0.2/wlanhcx2john.c:107:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhjohn = fopen(johnoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2john.c:128:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.essid, zeiger->essid, zeiger->essid_len);
data/hcxtools-6.0.2/wlanhcx2john.c:129:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.mac1, zeiger->mac_ap.addr, 6);
data/hcxtools-6.0.2/wlanhcx2john.c:130:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.mac2, zeiger->mac_sta.addr, 6);
data/hcxtools-6.0.2/wlanhcx2john.c:131:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.nonce1, zeiger->nonce_sta, 32);
data/hcxtools-6.0.2/wlanhcx2john.c:132:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.nonce2, zeiger->nonce_ap, 32);
data/hcxtools-6.0.2/wlanhcx2john.c:133:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.eapol, zeiger->eapol, 256);
data/hcxtools-6.0.2/wlanhcx2john.c:136:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hcdata.keymic, zeiger->keymic, 16);
data/hcxtools-6.0.2/wlanhcx2john.c:182:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxinname, "rb")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:165:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(rmdupesname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:277:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(repairedname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:299:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyveroutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:308:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(keyveroutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:347:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(singlenetname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:413:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(singlenetname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:460:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(mpname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:498:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(groupkeyname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:526:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(pairwisekeyname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:554:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(rcnotckeckedname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:582:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(rcckeckedname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:605:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wantessidlenoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:614:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(wantessidlenoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:644:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(wlandumpforcedname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:674:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(wlandumpforcedname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:700:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[14];
data/hcxtools-6.0.2/wlanhcx2ssid.c:702:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhaplist = fopen(aplistname, "r")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:726:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(apoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:753:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char macoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:767:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(macoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:791:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vendoroutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:795:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(vendoroutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:836:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ouinameuserpath[PATH_MAX +2];
data/hcxtools-6.0.2/wlanhcx2ssid.c:837:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[256];
data/hcxtools-6.0.2/wlanhcx2ssid.c:870:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhoui = fopen(ouiname, "r")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:902:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char macoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:919:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(macoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:942:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char macoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:959:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(macoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:980:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:982:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidstr[34];
data/hcxtools-6.0.2/wlanhcx2ssid.c:990:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstr, zeigerhcx->essid, zeigerhcx->essid_len);
data/hcxtools-6.0.2/wlanhcx2ssid.c:993:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(essidoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1014:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidxoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1016:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidstr[34];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1024:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstr, zeigerhcx->essid, zeigerhcx->essid_len);
data/hcxtools-6.0.2/wlanhcx2ssid.c:1027:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(essidxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1049:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit[16] = {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
data/hcxtools-6.0.2/wlanhcx2ssid.c:1051:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hcxoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1066:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(&hcxoutname[ceo], ".hccapx");
data/hcxtools-6.0.2/wlanhcx2ssid.c:1067:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1081:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void oui2hxoutname(char ssid[13], unsigned char *p)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1083:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x%02x%02x.hccapx",p[0],p[1],p[2]);
data/hcxtools-6.0.2/wlanhcx2ssid.c:1087:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void mac2hxoutname(char ssid[13], unsigned char *p)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1089:1: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ssid, "%02x%02x%02x%02x%02x%02x.hccapx",p[0],p[1],p[2],p[3],p[4],p[5]);
data/hcxtools-6.0.2/wlanhcx2ssid.c:1099:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hcxoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1106:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1127:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hcxoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1134:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1155:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hcxoutname[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcx2ssid.c:1162:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1198:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxinname, "rb")) == NULL)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1306:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workingdir[PATH_MAX +1];
data/hcxtools-6.0.2/wlanhcxcat.c:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[1024];
data/hcxtools-6.0.2/wlanhcxcat.c:71:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:115:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/wlanhcxcat.c:147:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char essid[32];
data/hcxtools-6.0.2/wlanhcxcat.c:149:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[1024];
data/hcxtools-6.0.2/wlanhcxcat.c:159:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essid, essidname, essidlen);
data/hcxtools-6.0.2/wlanhcxcat.c:171:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:215:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/wlanhcxcat.c:248:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[1024];
data/hcxtools-6.0.2/wlanhcxcat.c:258:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:270:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:280:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:325:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/wlanhcxcat.c:358:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char essid[32] = { 0 };
data/hcxtools-6.0.2/wlanhcxcat.c:360:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[1024];
data/hcxtools-6.0.2/wlanhcxcat.c:362:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essid, essidname, essidlen);
data/hcxtools-6.0.2/wlanhcxcat.c:380:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmk, &pmkin, 32);
data/hcxtools-6.0.2/wlanhcxcat.c:424:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkedata_prf + 2, pkedata, 98);
data/hcxtools-6.0.2/wlanhcxcat.c:487:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[66];
data/hcxtools-6.0.2/wlanhcxcat.c:489:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpwin = fopen(wordlistname, "r")) == NULL)
data/hcxtools-6.0.2/wlanhcxcat.c:522:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[66];
data/hcxtools-6.0.2/wlanhcxcat.c:524:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpwin = fopen(wordlistname, "r")) == NULL)
data/hcxtools-6.0.2/wlanhcxcat.c:579:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxinname, "rb")) == NULL)
data/hcxtools-6.0.2/wlanhcxcat.c:693:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zeitstring[26];
data/hcxtools-6.0.2/wlanhcxcat.c:743:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhpot = fopen(potname, "a")) == NULL)
data/hcxtools-6.0.2/wlanhcxinfo.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/wlanhcxinfo.c:38:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac1[6]; /* bssid */
data/hcxtools-6.0.2/wlanhcxinfo.c:39:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac2[6]; /* client */
data/hcxtools-6.0.2/wlanhcxinfo.c:40:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce1[32]; /* snonce client */
data/hcxtools-6.0.2/wlanhcxinfo.c:41:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce2[32]; /* anonce bssid */
data/hcxtools-6.0.2/wlanhcxinfo.c:42:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/wlanhcxinfo.c:45:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/wlanhcxinfo.c:57:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/wlanhcxinfo.c:58:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char atoi64[0x100];
data/hcxtools-6.0.2/wlanhcxinfo.c:217:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidoutstr[34];
data/hcxtools-6.0.2/wlanhcxinfo.c:248:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nonceold, zeigerhcx->nonce_ap, 32);
data/hcxtools-6.0.2/wlanhcxinfo.c:338:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidoutstr, zeigerhcx->essid, zeigerhcx->essid_len);
data/hcxtools-6.0.2/wlanhcxinfo.c:453:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidout[36];
data/hcxtools-6.0.2/wlanhcxinfo.c:456:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidout, zeiger->essid, 36);
data/hcxtools-6.0.2/wlanhcxinfo.c:475:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->essid, zeiger->essid, essid_len);
data/hcxtools-6.0.2/wlanhcxinfo.c:477:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->mac_ap.addr, zeiger->mac1, 6);
data/hcxtools-6.0.2/wlanhcxinfo.c:478:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->nonce_ap, zeiger->nonce2, 32);
data/hcxtools-6.0.2/wlanhcxinfo.c:479:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->mac_sta.addr, zeiger->mac2, 6);
data/hcxtools-6.0.2/wlanhcxinfo.c:480:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->nonce_sta, zeiger->nonce1, 32);
data/hcxtools-6.0.2/wlanhcxinfo.c:482:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->eapol, zeiger->eapol, zeiger->eapol_size +4);
data/hcxtools-6.0.2/wlanhcxinfo.c:483:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord->keymic, zeiger->keymic, 16);
data/hcxtools-6.0.2/wlanhcxinfo.c:538:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[LINEBUFFER];
data/hcxtools-6.0.2/wlanhcxinfo.c:540:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hctemp[HCCAP_SIZE];
data/hcxtools-6.0.2/wlanhcxinfo.c:548:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhjohn = fopen(johninname, "r")) == NULL)
data/hcxtools-6.0.2/wlanhcxinfo.c:593:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hctemp, ptressid, le);
data/hcxtools-6.0.2/wlanhcxinfo.c:634:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxinname, "rb")) == NULL)
data/hcxtools-6.0.2/wlanhcxinfo.c:710:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(infoname,"w");
data/hcxtools-6.0.2/wlanjohn2hcx.c:25:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essid[36];
data/hcxtools-6.0.2/wlanjohn2hcx.c:26:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac1[6]; /* bssid */
data/hcxtools-6.0.2/wlanjohn2hcx.c:27:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac2[6]; /* client */
data/hcxtools-6.0.2/wlanjohn2hcx.c:28:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce1[32]; /* snonce client */
data/hcxtools-6.0.2/wlanjohn2hcx.c:29:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nonce2[32]; /* anonce bssid */
data/hcxtools-6.0.2/wlanjohn2hcx.c:30:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eapol[256];
data/hcxtools-6.0.2/wlanjohn2hcx.c:33:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keymic[16];
data/hcxtools-6.0.2/wlanjohn2hcx.c:45:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char itoa64[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
data/hcxtools-6.0.2/wlanjohn2hcx.c:46:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char atoi64[0x100];
data/hcxtools-6.0.2/wlanjohn2hcx.c:130:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidout[36];
data/hcxtools-6.0.2/wlanjohn2hcx.c:133:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidout, zeiger->essid, 36);
data/hcxtools-6.0.2/wlanjohn2hcx.c:144:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanjohn2hcx.c:153:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhessid = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/wlanjohn2hcx.c:179:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.essid, zeiger->essid, essid_len);
data/hcxtools-6.0.2/wlanjohn2hcx.c:181:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.mac_ap.addr, zeiger->mac1, 6);
data/hcxtools-6.0.2/wlanjohn2hcx.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.nonce_ap, zeiger->nonce2, 32);
data/hcxtools-6.0.2/wlanjohn2hcx.c:183:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.mac_sta.addr, zeiger->mac2, 6);
data/hcxtools-6.0.2/wlanjohn2hcx.c:184:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.nonce_sta, zeiger->nonce1, 32);
data/hcxtools-6.0.2/wlanjohn2hcx.c:186:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.eapol, zeiger->eapol, 256);
data/hcxtools-6.0.2/wlanjohn2hcx.c:187:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.keymic, zeiger->keymic, 16);
data/hcxtools-6.0.2/wlanjohn2hcx.c:247:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linein[LINEBUFFER];
data/hcxtools-6.0.2/wlanjohn2hcx.c:249:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hctemp[HCCAP_SIZE];
data/hcxtools-6.0.2/wlanjohn2hcx.c:252:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhjohn = fopen(johninname, "r")) == NULL)
data/hcxtools-6.0.2/wlanjohn2hcx.c:287:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hctemp, ptressid, le);
data/hcxtools-6.0.2/wlanpmk2hcx.c:92:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combiline[100];
data/hcxtools-6.0.2/wlanpmk2hcx.c:93:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pmkstr[64];
data/hcxtools-6.0.2/wlanpmk2hcx.c:94:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char essidstr[64];
data/hcxtools-6.0.2/wlanpmk2hcx.c:130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstr, essidname, essidlen);
data/hcxtools-6.0.2/wlanpmk2hcx.c:157:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char essidstr[64];
data/hcxtools-6.0.2/wlanpmk2hcx.c:158:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pmkstr[64];
data/hcxtools-6.0.2/wlanpmk2hcx.c:168:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstr, essidname, essidlen);
data/hcxtools-6.0.2/wlanpmk2hcx.c:219:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhcombi = fopen(optarg, "r")) == NULL)
data/hcxtools-6.0.2/wlanpmk2hcx.c:227:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhash = fopen(optarg, "a")) == NULL)
data/hcxtools-6.0.2/wlanpmk2hcx.c:235:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhjohn = fopen(optarg, "a")) == NULL)
data/hcxtools-6.0.2/wlanwkp2hcx.c:87:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char essidstring[34] = { 0 };
data/hcxtools-6.0.2/wlanwkp2hcx.c:89:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&essidstring, essid, essidlen);
data/hcxtools-6.0.2/wlanwkp2hcx.c:92:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhessid = fopen(essidoutname, "a")) == NULL)
data/hcxtools-6.0.2/wlanwkp2hcx.c:128:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.essid, &wkpdata[WKPESSID2], wkpessidlen);
data/hcxtools-6.0.2/wlanwkp2hcx.c:131:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.mac_ap.addr, &wkpdata[WKPMAC_AP], 6);
data/hcxtools-6.0.2/wlanwkp2hcx.c:132:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.nonce_ap, &wkpdata[WKPNONCE_AP], 32);
data/hcxtools-6.0.2/wlanwkp2hcx.c:133:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.mac_sta.addr, &wkpdata[WKPMAC_STA], 6);
data/hcxtools-6.0.2/wlanwkp2hcx.c:134:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.nonce_sta, &wkpdata[WKPNONCE_STA], 32);
data/hcxtools-6.0.2/wlanwkp2hcx.c:136:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.eapol, &wkpdata[WKPEAPOLDATA], 256);
data/hcxtools-6.0.2/wlanwkp2hcx.c:137:1: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hcxrecord.keymic, &wkpdata[WKPKEYMIC], 16);
data/hcxtools-6.0.2/wlanwkp2hcx.c:142:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhhcx = fopen(hcxoutname, "ab")) == NULL)
data/hcxtools-6.0.2/wlanwkp2hcx.c:183:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fhwkp = fopen(wkpiname, "rb")) == NULL)
data/hcxtools-6.0.2/common.c:95:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (pos = 0; ((pos < (blen*2)) && (pos < strlen(str))); pos += 2)
data/hcxtools-6.0.2/hcxessidtool.c:527:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((count = read(fd_file, zeiger, INTHCCAPX_SIZE)))
data/hcxtools-6.0.2/hcxessidtool.c:580:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((count = read(fd_file, zeiger, INTHCCAPX_SIZE)))
data/hcxtools-6.0.2/hcxessidtool.c:890:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxessidtool.c:1277:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidfilterlen = strlen(optarg);
data/hcxtools-6.0.2/hcxessidtool.c:1287:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidpartfilterlen = strlen(optarg);
data/hcxtools-6.0.2/hcxhash2cap.c:524:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxhashcattool.c:316:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidptr);
data/hcxtools-6.0.2/hcxhashcattool.c:329:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidptr) /2;
data/hcxtools-6.0.2/hcxhashcattool.c:355:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
psklen = strlen(pskptr);
data/hcxtools-6.0.2/hcxhashcattool.c:397:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pmklen = strlen(pmkline);
data/hcxtools-6.0.2/hcxhashcattool.c:443:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
psklen = strlen(psk_ptr);
data/hcxtools-6.0.2/hcxhashcattool.c:486:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/hcxhashtool.c:1338:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxhashtool.c:1492:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ouinameuserpath, pwd->pw_dir, PATH_MAX -1);
data/hcxtools-6.0.2/hcxhashtool.c:1513:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zeiger->vendor, vendorptr, VENDOR_LEN_MAX -1);
data/hcxtools-6.0.2/hcxhashtool.c:1548:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ouinameuserpath, pwd->pw_dir, PATH_MAX -1);
data/hcxtools-6.0.2/hcxhashtool.c:1830:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filteressidlen = strlen(filteressidptr);
data/hcxtools-6.0.2/hcxhashtool.c:1840:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filteressidpartlen = strlen(filteressidpartptr);
data/hcxtools-6.0.2/hcxhashtool.c:1861:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(optarg);
data/hcxtools-6.0.2/hcxhashtool.c:1882:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(optarg);
data/hcxtools-6.0.2/hcxhashtool.c:1903:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(optarg);
data/hcxtools-6.0.2/hcxhashtool.c:1924:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(optarg);
data/hcxtools-6.0.2/hcxhashtool.c:1966:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pskptrlen = strlen(pskptr);
data/hcxtools-6.0.2/hcxmactool.c:354:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((count = read(fd_file, zeiger, INTHCCAPX_SIZE)))
data/hcxtools-6.0.2/hcxmactool.c:586:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxmactool.c:722:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ouinameuserhome, pwd->pw_dir, PATH_MAX);
data/hcxtools-6.0.2/hcxmactool.c:772:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(zeiger->vendor, vendorname, OUI_LINE_LEN);
data/hcxtools-6.0.2/hcxmactool.c:878:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 6)
data/hcxtools-6.0.2/hcxmactool.c:891:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 6)
data/hcxtools-6.0.2/hcxmactool.c:904:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 12)
data/hcxtools-6.0.2/hcxmactool.c:925:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 6)
data/hcxtools-6.0.2/hcxmactool.c:938:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 6)
data/hcxtools-6.0.2/hcxmactool.c:951:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 12)
data/hcxtools-6.0.2/hcxpcapngtool.c:669:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wecl = strlen(pcapngweakcandidate);
data/hcxtools-6.0.2/hcxpcapngtool.c:712:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpwpllen = strlen(gpwpl);
data/hcxtools-6.0.2/hcxpcapngtool.c:3345:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcapfhdr, PCAPHDR_SIZE);
data/hcxtools-6.0.2/hcxpcapngtool.c:3403:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcaprhdr, PCAPREC_SIZE);
data/hcxtools-6.0.2/hcxpcapngtool.c:3434:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &packet, pcaprhdr.incl_len);
data/hcxtools-6.0.2/hcxpcapngtool.c:3667:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcpngblock, BH_SIZE);
data/hcxtools-6.0.2/hcxpcapngtool.c:3715:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcpngblock, blocklen);
data/hcxtools-6.0.2/hcxpcapngtool.c:4052:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxpcapngtool.c:4528:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(prefixoutname) > PREFIX_BUFFER_MAX)
data/hcxtools-6.0.2/hcxpcapngtool.c:4562:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pmkideapolprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4566:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(essidprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4570:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(identityprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4574:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(usernameprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4578:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(eapmd5prefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4582:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(eapleapprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcapngtool.c:4586:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nmeaprefix, prefixoutname, PREFIX_BUFFER_MAX);
data/hcxtools-6.0.2/hcxpcaptool.c:1176:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wecl = strlen(weakcandidate);
data/hcxtools-6.0.2/hcxpcaptool.c:2601:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&ctxsha1, un_ptr, strlen(un_ptr));
data/hcxtools-6.0.2/hcxpcaptool.c:6350:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcpngblock, BH_SIZE);
data/hcxtools-6.0.2/hcxpcaptool.c:6396:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcpngblock, blocklen);
data/hcxtools-6.0.2/hcxpcaptool.c:6627:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcapfhdr, PCAPHDR_SIZE);
data/hcxtools-6.0.2/hcxpcaptool.c:6681:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &pcaprhdr, PCAPREC_SIZE);
data/hcxtools-6.0.2/hcxpcaptool.c:6720:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &packet, pcaprhdr.incl_len);
data/hcxtools-6.0.2/hcxpcaptool.c:6778:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &msnthdr, MSNETMON_SIZE);
data/hcxtools-6.0.2/hcxpcaptool.c:6811:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &msnthdr, MSNETMON_SIZE);
data/hcxtools-6.0.2/hcxpcaptool.c:7553:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(prefixoutname) > (PATH_MAX -20))
data/hcxtools-6.0.2/hcxpcaptool.c:7562:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 12)
data/hcxtools-6.0.2/hcxpcaptool.c:7650:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixhccapxname, suffixhccapx, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7654:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefix16800name, suffixpmkid, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7658:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixnetntlm1name, suffixnetntlm1, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7662:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixmd5name, suffixmd5, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7666:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixtacacspname, suffixtacacsp, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7670:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixessidname, suffixessid, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7674:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixidentityname, suffixidentity, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7678:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixusername, suffixuser, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7682:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefiximsiname, suffiximsi, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7686:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixnetworkname, suffixnetwork, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7690:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixtrafficname, suffixtraffic, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7694:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixstaessidname, suffixstaessid, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpcaptool.c:7698:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefixdeviceinfoname, suffixdeviceinfo, PATH_MAX -20);
data/hcxtools-6.0.2/hcxpmkidtool.c:136:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxpmkidtool.c:332:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(pmkname);
data/hcxtools-6.0.2/hcxpmkidtool.c:368:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(wordname);
data/hcxtools-6.0.2/hcxpmkidtool.c:424:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pmkidlen = strlen(pmkidline);
data/hcxtools-6.0.2/hcxpmkidtool.c:540:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(wordname) < 8) || (strlen(wordname) > 63))
data/hcxtools-6.0.2/hcxpmkidtool.c:540:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(wordname) < 8) || (strlen(wordname) > 63))
data/hcxtools-6.0.2/hcxpmkidtool.c:553:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(pmkname) != 64)
data/hcxtools-6.0.2/hcxpsktool.c:68:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(pskstring);
data/hcxtools-6.0.2/hcxpsktool.c:1603:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/hcxpsktool.c:1877:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidname);
data/hcxtools-6.0.2/hcxpsktool.c:2054:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(macapname) != 12)
data/hcxtools-6.0.2/hcxwltool.c:560:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffptr);
data/hcxtools-6.0.2/include/fileops.c:18:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, &mnr, 4);
data/hcxtools-6.0.2/include/pcap.c:46:1: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
data/hcxtools-6.0.2/include/strings.c:56:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (pos = 0; ((pos < (blen*2)) && (pos < strlen(str))); pos += 2)
data/hcxtools-6.0.2/include/strings.c:69:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/hcxtools-6.0.2/whoismac.c:87:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/whoismac.c:98:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(essidname);
data/hcxtools-6.0.2/whoismac.c:131:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(hexessidname);
data/hcxtools-6.0.2/whoismac.c:166:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(essidptr);
data/hcxtools-6.0.2/whoismac.c:171:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1 = strlen(passwdptr);
data/hcxtools-6.0.2/whoismac.c:195:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vendorapname, "unknown", 8);
data/hcxtools-6.0.2/whoismac.c:196:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vendorstaname, "unknown", 8);
data/hcxtools-6.0.2/whoismac.c:210:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vendorapname, vendorptr +1,255);
data/hcxtools-6.0.2/whoismac.c:218:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vendorstaname, vendorptr +1,255);
data/hcxtools-6.0.2/whoismac.c:268:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(essidptr);
data/hcxtools-6.0.2/whoismac.c:274:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l1 = strlen(passwdptr);
data/hcxtools-6.0.2/whoismac.c:295:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vendorapname, "unknown", 8);
data/hcxtools-6.0.2/whoismac.c:296:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vendorstaname, "unknown", 8);
data/hcxtools-6.0.2/whoismac.c:310:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vendorapname, vendorptr +1,255);
data/hcxtools-6.0.2/whoismac.c:318:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vendorstaname, vendorptr +1,255);
data/hcxtools-6.0.2/whoismac.c:354:1: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(vendorapname, "unknown", 8);
data/hcxtools-6.0.2/whoismac.c:368:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vendorapname, vendorptr +1,255);
data/hcxtools-6.0.2/whoismac.c:478:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l= strlen(optarg);
data/hcxtools-6.0.2/whoismac.c:500:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(hash16800line);
data/hcxtools-6.0.2/whoismac.c:528:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(hash2500line);
data/hcxtools-6.0.2/wlancap2wpasec.c:163:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((strlen(optarg) == 32) && (optarg[strspn(optarg, "0123456789abcdefABCDEF")] == 0))
data/hcxtools-6.0.2/wlancap2wpasec.c:189:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(emailaddr) > 120)
data/hcxtools-6.0.2/wlanhcx2ssid.c:61:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/wlanhcx2ssid.c:1342:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(essidname) > 32)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1351:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(essidxname) > 32)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1370:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 12)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1380:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 12)
data/hcxtools-6.0.2/wlanhcx2ssid.c:1390:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(optarg) != 6)
data/hcxtools-6.0.2/wlanhcxcat.c:476:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/wlanhcxcat.c:637:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (pos = 0; ((pos < (blen*2)) && (pos < strlen(str))); pos += 2)
data/hcxtools-6.0.2/wlanhcxcat.c:706:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidname);
data/hcxtools-6.0.2/wlanhcxcat.c:716:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
passwordlen = strlen(passwordname);
data/hcxtools-6.0.2/wlanhcxcat.c:726:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(pmkname) != 64)
data/hcxtools-6.0.2/wlanhcxinfo.c:457:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essid_len = strlen(essidout);
data/hcxtools-6.0.2/wlanhcxinfo.c:515:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/wlanjohn2hcx.c:134:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essid_len = strlen(essidout);
data/hcxtools-6.0.2/wlanjohn2hcx.c:226:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/wlanpmk2hcx.c:77:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffptr);
data/hcxtools-6.0.2/wlanpmk2hcx.c:120:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidname);
data/hcxtools-6.0.2/wlanpmk2hcx.c:244:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
essidlen = strlen(essidname);
data/hcxtools-6.0.2/wlanpmk2hcx.c:254:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pmklen = strlen(pmkname);
ANALYSIS SUMMARY:
Hits = 1158
Lines analyzed = 34468 in approximately 1.07 seconds (32344 lines/second)
Physical Source Lines of Code (SLOC) = 31259
Hits@level = [0] 1610 [1] 131 [2] 973 [3] 21 [4] 22 [5] 11
Hits@level+ = [0+] 2768 [1+] 1158 [2+] 1027 [3+] 54 [4+] 33 [5+] 11
Hits/KSLOC@level+ = [0+] 88.5505 [1+] 37.0453 [2+] 32.8545 [3+] 1.7275 [4+] 1.0557 [5+] 0.351899
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.