Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hpsockd-0.17/src/sockd/dns.c
Examining data/hpsockd-0.17/src/sockd/logging.h
Examining data/hpsockd-0.17/src/sockd/sockd.h
Examining data/hpsockd-0.17/src/sockd/sdc.c
Examining data/hpsockd-0.17/src/sockd/v5command.c
Examining data/hpsockd-0.17/src/sockd/methods.c
Examining data/hpsockd-0.17/src/sockd/v5.c
Examining data/hpsockd-0.17/src/sockd/v4.h
Examining data/hpsockd-0.17/src/sockd/log2ascii.c
Examining data/hpsockd-0.17/src/sockd/util.c
Examining data/hpsockd-0.17/src/sockd/v5udp.c
Examining data/hpsockd-0.17/src/sockd/logging.c
Examining data/hpsockd-0.17/src/sockd/v5.h
Examining data/hpsockd-0.17/src/sockd/v5tcp.c
Examining data/hpsockd-0.17/src/sockd/sockd.c
Examining data/hpsockd-0.17/src/sockd/userpass.c
Examining data/hpsockd-0.17/src/sockd/signal.c
Examining data/hpsockd-0.17/src/sockd/usage.c
Examining data/hpsockd-0.17/src/sockd/paths.h
Examining data/hpsockd-0.17/src/sockd/v4.c
Examining data/hpsockd-0.17/src/sockd/listen.c
Examining data/hpsockd-0.17/src/util/inet_ntoa.h
Examining data/hpsockd-0.17/src/util/inetdsec.c
Examining data/hpsockd-0.17/src/util/btree.h
Examining data/hpsockd-0.17/src/util/btree.c
Examining data/hpsockd-0.17/src/util/inet_ntoa.c
FINAL RESULTS:
data/hpsockd-0.17/src/sockd/dns.c:330:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(req->req.name,name);
data/hpsockd-0.17/src/sockd/dns.c:373:30: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
reply->hostent.h_name=next; strcpy(next,req->req.name); next+=strlen(req->req.name)+1;
data/hpsockd-0.17/src/sockd/methods.c:72:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(infoName,"%sInfo",name);
data/hpsockd-0.17/src/sockd/sdc.c:127:2: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SOCKD_PATH,c,(char*)NULL);
data/hpsockd-0.17/src/sockd/sdc.c:139:2: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SOCKD_PATH,c,(char*)NULL);
data/hpsockd-0.17/src/sockd/signal.c:104:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s.client.%d",base,negotInfo->pid);
data/hpsockd-0.17/src/sockd/signal.c:160:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s.conf.%d",base,negotInfo->pid);
data/hpsockd-0.17/src/sockd/signal.c:394:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s.memmap.%d",base,pid);
data/hpsockd-0.17/src/sockd/usage.c:169:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(c+strlen(c),b?"%09d":"%d",a);
data/hpsockd-0.17/src/sockd/usage.c:170:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(c+strlen(c),(a||b)?"%09d":"%d",l);
data/hpsockd-0.17/src/sockd/util.c:661:2: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
syslog(LOG_ERR,ERRSTR);
data/hpsockd-0.17/src/sockd/util.c:855:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s.footprint.%d",base,negotInfo->pid);
data/hpsockd-0.17/src/sockd/v5command.c:296:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd,escape), cmd+=strlen(escape);
data/hpsockd-0.17/src/sockd/v5command.c:303:2: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(shell,"sh","-c",cmdStart,(char*)NULL);
data/hpsockd-0.17/src/sockd/v5command.c:306:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmdStart);
data/hpsockd-0.17/src/sockd/v5udp.c:178:6: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
syslog(LOG_ERR,m,inetNtoa(mSin->sin_addr.s_addr),ntohs(mSin->sin_port));
data/hpsockd-0.17/src/sockd/v5udp.c:180:6: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
syslog(LOG_ERR,m);
data/hpsockd-0.17/src/sockd/v5udp.c:195:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out,"%2s-%05x%c ",tag, num, (i ? '-' : ':'));
data/hpsockd-0.17/src/util/btree.c:465:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define Fprintf (void)fprintf
data/hpsockd-0.17/src/util/inet_ntoa.c:57:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str[v],ADDR_SLEN,fmt,(haddr>>24&0xff),(haddr>>16&0xff),(haddr>>8&0xff),(haddr&0xff));
data/hpsockd-0.17/src/util/inetdsec.c:118:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(buf, safe.list);
data/hpsockd-0.17/src/util/inetdsec.c:378:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cp,p);
data/hpsockd-0.17/src/sockd/log2ascii.c:59:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt(argc,argv,":fs")) != EOF) switch (c) {
data/hpsockd-0.17/src/sockd/sdc.c:51:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt(argc,argv,"c:d:p:"))!=EOF) switch(c) {
data/hpsockd-0.17/src/sockd/sockd.c:75:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt(argc,argv,":c:d:l:vw:"))!=EOF) switch(c) {
data/hpsockd-0.17/src/sockd/usage.c:194:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt(argc,argv,"D:sdvn:h:")) != EOF) switch (c) {
data/hpsockd-0.17/src/sockd/dns.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/hpsockd-0.17/src/sockd/dns.c:54:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[248];
data/hpsockd-0.17/src/sockd/dns.c:386:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next,hent->h_addr_list[j],hent->h_length);
data/hpsockd-0.17/src/sockd/listen.c:325:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdLine[256];
data/hpsockd-0.17/src/sockd/log2ascii.c:79:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((in=open(argv[optind],O_RDONLY,0))<0) {
data/hpsockd-0.17/src/sockd/log2ascii.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[65536];
data/hpsockd-0.17/src/sockd/log2ascii.c:101:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uchars[65536];
data/hpsockd-0.17/src/sockd/log2ascii.c:188:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/hpsockd-0.17/src/sockd/log2ascii.c:208:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin.sin_addr,c+1,4);
data/hpsockd-0.17/src/sockd/log2ascii.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/hpsockd-0.17/src/sockd/log2ascii.c:221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name,c+1,*c);
data/hpsockd-0.17/src/sockd/logging.c:46:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logFd=open(config.log.logFile,O_WRONLY|O_APPEND);
data/hpsockd-0.17/src/sockd/logging.c:48:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logFd=open(config.log.logFile,O_WRONLY|O_APPEND|O_CREAT|O_EXCL,0644);
data/hpsockd-0.17/src/sockd/logging.c:50:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logFd=open(config.log.logFile,O_WRONLY|O_APPEND);
data/hpsockd-0.17/src/sockd/logging.c:93:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
tmp=htonl(now-conn->startTime); memcpy(p,&tmp,sizeof(tmp)); p+=sizeof(tmp);
data/hpsockd-0.17/src/sockd/logging.c:96:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
case AF_INET: *p=ATYP_V4; memcpy(p+1,&srcSin->sin_addr,4); p+=5; break;
data/hpsockd-0.17/src/sockd/logging.c:98:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
case AF_INET6: *p=ATYP_V6; memcpy(p+1,&srcSin->sin_addr,16); p+=17; break;
data/hpsockd-0.17/src/sockd/logging.c:106:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
i=strlen(conn->user)&0xff; *p++=i; memcpy(p,conn->user,i); p+=i; /* name limited to 255 octets */
data/hpsockd-0.17/src/sockd/logging.c:120:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
case AF_INET: *p=ATYP_V4; memcpy(p+1,&destSin->sin_addr,4); p+=5; break;
data/hpsockd-0.17/src/sockd/logging.c:122:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
case AF_INET6: *p=ATYP_V6; memcpy(p+1,&destSin->sin_addr,16); p+=17; break;
data/hpsockd-0.17/src/sockd/logging.c:125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&destSin->sin_port,sizeof(u_short)); p+=sizeof(u_short);
data/hpsockd-0.17/src/sockd/logging.c:129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);
data/hpsockd-0.17/src/sockd/logging.c:131:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);
data/hpsockd-0.17/src/sockd/logging.c:132:24: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
tmp=htonl(reason); memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);
data/hpsockd-0.17/src/sockd/logging.c:162:4: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
i=open(config.log.logFile,O_WRONLY|O_APPEND);
data/hpsockd-0.17/src/sockd/logging.h:37:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chars[256*3+256]; /* more than enough */
data/hpsockd-0.17/src/sockd/sdc.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char syslogName[20];
data/hpsockd-0.17/src/sockd/sdc.c:73:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
negotFd=open(config.daemon.negotFile,O_RDONLY);
data/hpsockd-0.17/src/sockd/sdc.c:94:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(negot,negotTmp,NEGOT_SIZE);
data/hpsockd-0.17/src/sockd/sdc.c:159:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[12];
data/hpsockd-0.17/src/sockd/signal.c:37:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[20];
data/hpsockd-0.17/src/sockd/signal.c:42:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"%d",i);
data/hpsockd-0.17/src/sockd/signal.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[sizeof("255.255.255.255")*2+8];
data/hpsockd-0.17/src/sockd/signal.c:107:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);
data/hpsockd-0.17/src/sockd/signal.c:163:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);
data/hpsockd-0.17/src/sockd/signal.c:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c2[sizeof("unknown-")+10],d2[sizeof(" unknown-")+10];
data/hpsockd-0.17/src/sockd/signal.c:303:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: c=c2; sprintf(c,"unknown-%d",config.clients.list[i].action); break;
data/hpsockd-0.17/src/sockd/signal.c:312:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: d=d2; sprintf(d," unknown-%d",config.clients.list[i].request); break;
data/hpsockd-0.17/src/sockd/signal.c:401:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);
data/hpsockd-0.17/src/sockd/sockd.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char syslogName[20];
data/hpsockd-0.17/src/sockd/sockd.c:272:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[65536];
data/hpsockd-0.17/src/sockd/sockd.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32768],*cplim;
data/hpsockd-0.17/src/sockd/usage.c:139:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[80];
data/hpsockd-0.17/src/sockd/usage.c:167:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c,"%d",b);
data/hpsockd-0.17/src/sockd/usage.c:217:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((in=fopen(argv[optind],"r"))==NULL) {
data/hpsockd-0.17/src/sockd/usage.c:285:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[256];
data/hpsockd-0.17/src/sockd/usage.c:308:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user,utmp+1,*utmp);
data/hpsockd-0.17/src/sockd/usage.c:329:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[256];
data/hpsockd-0.17/src/sockd/usage.c:336:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user,utmp+1,*utmp);
data/hpsockd-0.17/src/sockd/usage.c:460:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
key->src=malloc(ADDRLEN(src)); memcpy(key->src,src,ADDRLEN(src));
data/hpsockd-0.17/src/sockd/usage.c:481:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
key->dest=malloc(ADDRLEN(dst)); memcpy(key->dest,dst,ADDRLEN(dst));
data/hpsockd-0.17/src/sockd/usage.c:625:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/hpsockd-0.17/src/sockd/usage.c:629:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&in,addr+1,4);
data/hpsockd-0.17/src/sockd/usage.c:632:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"v6 addr"); /* XXX */
data/hpsockd-0.17/src/sockd/usage.c:637:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,addr+1,*addr);
data/hpsockd-0.17/src/sockd/usage.c:640:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"unknown_address_type %d",*addr);
data/hpsockd-0.17/src/sockd/util.c:115:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inf->dataStart+inf->dataLen,buf,len);
data/hpsockd-0.17/src/sockd/util.c:126:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,inf->dataStart,len);
data/hpsockd-0.17/src/sockd/util.c:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdLine[256];
data/hpsockd-0.17/src/sockd/util.c:623:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blank[NEGOT_SIZE];
data/hpsockd-0.17/src/sockd/util.c:627:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
negotFd=open(config.daemon.negotFile,O_RDWR);
data/hpsockd-0.17/src/sockd/util.c:629:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((negotFd=open(config.daemon.negotFile,O_WRONLY|O_CREAT|O_EXCL,0644))>=0) {
data/hpsockd-0.17/src/sockd/util.c:633:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
negotFd=open(config.daemon.negotFile,O_RDWR);
data/hpsockd-0.17/src/sockd/util.c:857:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);
data/hpsockd-0.17/src/sockd/v4.c:103:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
*dest=ATYP_V4; memcpy(dest+1,&req->destIP,4);
data/hpsockd-0.17/src/sockd/v4.c:332:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v5->destAddr,&req->destIP,4);
data/hpsockd-0.17/src/sockd/v4.c:333:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v5+1,&req->port,sizeof(req->port));
data/hpsockd-0.17/src/sockd/v4.h:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[4]; /* actually whatever it takes... */
data/hpsockd-0.17/src/sockd/v5.c:89:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reply->destAddr,&sin->sin_addr,4);
data/hpsockd-0.17/src/sockd/v5.c:90:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reply->destAddr+4,&sin->sin_port,sizeof(sin->sin_port));
data/hpsockd-0.17/src/sockd/v5.c:95:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reply->destAddr,&sin->sin_addr,16);
data/hpsockd-0.17/src/sockd/v5.c:96:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reply->destAddr+16,&sin->sin_port,sizeof(sin->sin_port));
data/hpsockd-0.17/src/sockd/v5.c:107:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin->sin_addr,req->destAddr,4);
data/hpsockd-0.17/src/sockd/v5.c:108:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin->sin_port,req->destAddr+4,sizeof(short));
data/hpsockd-0.17/src/sockd/v5.c:115:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin->sin_addr,req->destAddr,16);
data/hpsockd-0.17/src/sockd/v5.c:116:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin->sin_port,req->destAddr+16,sizeof(short));
data/hpsockd-0.17/src/sockd/v5.c:201:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/hpsockd-0.17/src/sockd/v5.c:202:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"COMMAND_%d",conn->req->cmd);
data/hpsockd-0.17/src/sockd/v5.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[256];
data/hpsockd-0.17/src/sockd/v5.c:293:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(domain,req->destAddr+1,*req->destAddr);
data/hpsockd-0.17/src/sockd/v5.c:314:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->destAddr,hent->h_addr_list[0],hent->h_length);
data/hpsockd-0.17/src/sockd/v5.c:315:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->destAddr+hent->h_length,&port,sizeof(port));
data/hpsockd-0.17/src/sockd/v5command.c:159:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
c+=ADDRLEN(c); memcpy(&portNum,c,sizeof(u_short));
data/hpsockd-0.17/src/sockd/v5command.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escapeBuf[256];
data/hpsockd-0.17/src/sockd/v5command.c:206:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: escape=escapeBuf; sprintf(escapeBuf,"%d",conn->req->cmd); break;
data/hpsockd-0.17/src/sockd/v5command.c:211:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(escapeBuf,"%d", getpid());
data/hpsockd-0.17/src/sockd/v5command.c:219:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(escapeBuf,"%d",ntohs(portNum));
data/hpsockd-0.17/src/sockd/v5command.c:227:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(escapeBuf,"%d",ntohs(portNum));
data/hpsockd-0.17/src/sockd/v5udp.c:62:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&src,req->destAddr,4);
data/hpsockd-0.17/src/sockd/v5udp.c:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->destAddr,&client->sin.sin_addr.s_addr,4);
data/hpsockd-0.17/src/sockd/v5udp.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[2048];
data/hpsockd-0.17/src/sockd/v5udp.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vfBuf,info->in.dataStart,fromLen);
data/hpsockd-0.17/src/sockd/v5udp.c:283:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(validateReq,req,headLen);
data/hpsockd-0.17/src/sockd/v5udp.c:292:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->in.dataStart,vfrom,fromLen);
data/hpsockd-0.17/src/sockd/v5udp.c:336:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c,buf,len), c+=len;
data/hpsockd-0.17/src/util/btree.c:221:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(newNode->e,pn->e+pn->nel,newNode->nel*sizeof(elem_t));
data/hpsockd-0.17/src/util/btree.c:533:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indent[300];
data/hpsockd-0.17/src/util/inet_ntoa.c:42:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[NUM_ADDR][ADDR_SLEN];
data/hpsockd-0.17/src/util/inet_ntoa.c:67:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[NUM_ADDR][ADDR_SLEN];
data/hpsockd-0.17/src/util/inetdsec.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/hpsockd-0.17/src/util/inetdsec.c:88:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
securep = fopen(security_file, "r");
data/hpsockd-0.17/src/util/inetdsec.c:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char store[100]; /*** internet specifies 60 chars, + some ***/
data/hpsockd-0.17/src/util/inetdsec.c:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *list[4];
data/hpsockd-0.17/src/util/inetdsec.c:245:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
low = (byte)atoi(list[i]);
data/hpsockd-0.17/src/util/inetdsec.c:246:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
high = (byte)atoi(cp);
data/hpsockd-0.17/src/util/inetdsec.c:268:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = (byte)atoi(list[i]);
data/hpsockd-0.17/src/sockd/dns.c:328:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name)>255)
data/hpsockd-0.17/src/sockd/dns.c:373:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reply->hostent.h_name=next; strcpy(next,req->req.name); next+=strlen(req->req.name)+1;
data/hpsockd-0.17/src/sockd/log2ascii.c:38:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r=read(fd,buf,size);
data/hpsockd-0.17/src/sockd/logging.c:106:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(conn->user)&0xff; *p++=i; memcpy(p,conn->user,i); p+=i; /* name limited to 255 octets */
data/hpsockd-0.17/src/sockd/methods.c:67:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infoName=malloc(strlen(name)+5);
data/hpsockd-0.17/src/sockd/signal.c:95:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/signal.c:98:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/signal.c:151:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/signal.c:154:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/signal.c:177:52: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
fprintf(f,"\tumask\t\t0o%03o;\n",config.daemon.umask);
data/hpsockd-0.17/src/sockd/signal.c:392:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/sockd.c:499:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(syslogName,config.daemon.name,sizeof(syslogName));
data/hpsockd-0.17/src/sockd/sockd.c:502:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(config.daemon.umask);
data/hpsockd-0.17/src/sockd/sockd.c:502:22: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(config.daemon.umask);
data/hpsockd-0.17/src/sockd/sockd.h:278:10: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
int umask;
data/hpsockd-0.17/src/sockd/usage.c:169:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(c+strlen(c),b?"%09d":"%d",a);
data/hpsockd-0.17/src/sockd/usage.c:170:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(c+strlen(c),(a||b)?"%09d":"%d",l);
data/hpsockd-0.17/src/sockd/usage.c:245:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r=read(fd,buf,size);
data/hpsockd-0.17/src/sockd/userpass.c:72:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.size = strlen(user);
data/hpsockd-0.17/src/sockd/userpass.c:79:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (data.size==strlen(pass) && memcmp(data.data,pass,data.size)==0) {
data/hpsockd-0.17/src/sockd/util.c:786:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
register int len=strlen(name);
data/hpsockd-0.17/src/sockd/util.c:846:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/util.c:849:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name=malloc(strlen(base)+30);
data/hpsockd-0.17/src/sockd/v5command.c:72:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
client->peer->TCP_RECV=(recvFunc*)read;
data/hpsockd-0.17/src/sockd/v5command.c:177:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len= (c) ? (c-srcCmd) : strlen(srcCmd);
data/hpsockd-0.17/src/sockd/v5command.c:191:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(srcName)>255)
data/hpsockd-0.17/src/sockd/v5command.c:249:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(destName)>255)
data/hpsockd-0.17/src/sockd/v5command.c:272:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
need=len+strlen(escape);
data/hpsockd-0.17/src/sockd/v5command.c:285:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmd,srcCmd,len), srcCmd+=len+2, cmd+=len;
data/hpsockd-0.17/src/sockd/v5command.c:296:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(cmd,escape), cmd+=strlen(escape);
data/hpsockd-0.17/src/util/inetdsec.c:119:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastp = &buf[strlen(buf)];
data/hpsockd-0.17/src/util/inetdsec.c:151:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = &p[strlen(p)];
data/hpsockd-0.17/src/util/inetdsec.c:197:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strspn(string,"0123456789-*.") != strlen(string) )
data/hpsockd-0.17/src/util/inetdsec.c:201:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(store,string,sizeof(store));
data/hpsockd-0.17/src/util/inetdsec.c:342:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lensafe = strlen(safe.list);
data/hpsockd-0.17/src/util/inetdsec.c:374:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(p);
data/hpsockd-0.17/src/util/inetdsec.c:411:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cp) == strspn(cp, " \t\f\r\n"))
ANALYSIS SUMMARY:
Hits = 169
Lines analyzed = 8104 in approximately 0.28 seconds (28672 lines/second)
Physical Source Lines of Code (SLOC) = 6142
Hits@level = [0] 289 [1] 37 [2] 106 [3] 4 [4] 22 [5] 0
Hits@level+ = [0+] 458 [1+] 169 [2+] 132 [3+] 26 [4+] 22 [5+] 0
Hits/KSLOC@level+ = [0+] 74.5685 [1+] 27.5155 [2+] 21.4914 [3+] 4.23315 [4+] 3.5819 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.