Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hunt-1.5/addpolicy.c
Examining data/hunt-1.5/arphijack.c
Examining data/hunt-1.5/arpspoof.c
Examining data/hunt-1.5/hijack.c
Examining data/hunt-1.5/macdisc.c
Examining data/hunt-1.5/menu.c
Examining data/hunt-1.5/options.c
Examining data/hunt-1.5/resolv.c
Examining data/hunt-1.5/rst.c
Examining data/hunt-1.5/rstd.c
Examining data/hunt-1.5/sniff.c
Examining data/hunt-1.5/synchijack.c
Examining data/hunt-1.5/tap.c
Examining data/hunt-1.5/tty.c
Examining data/hunt-1.5/util.c
Examining data/hunt-1.5/c/list.c
Examining data/hunt-1.5/c/list.h
Examining data/hunt-1.5/c/spinlock.h
Examining data/hunt-1.5/c/hash.h
Examining data/hunt-1.5/c/hash.c
Examining data/hunt-1.5/c/array.h
Examining data/hunt-1.5/c/array.c
Examining data/hunt-1.5/timer.c
Examining data/hunt-1.5/tpserv/tpserv.c
Examining data/hunt-1.5/pktrelay.c
Examining data/hunt-1.5/hostup.c
Examining data/hunt-1.5/hunt.c
Examining data/hunt-1.5/hunt.h
Examining data/hunt-1.5/main.c
Examining data/hunt-1.5/net.c
FINAL RESULTS:
data/hunt-1.5/addpolicy.c:79:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(host_buf, "%s/%d [%s]", host_lookup(api->src_addr, hl_mode),
data/hunt-1.5/c/array.c:268:12: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
retval = vprintf(format, ap);
data/hunt-1.5/c/hash.c:439:12: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
retval = vprintf(format, ap);
data/hunt-1.5/c/list.c:421:12: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
retval = vprintf(format, ap);
data/hunt-1.5/hunt.c:914:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(b, "%*s", where - pos, "");
data/hunt-1.5/hunt.c:953:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
b += sprintf(b, "%d) %s [%s]", i,
data/hunt-1.5/hunt.c:958:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
b += sprintf(b, "%s [%s]\n",
data/hunt-1.5/menu.c:37:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dfl);
data/hunt-1.5/menu.c:344:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buf_p += sprintf(buf_p, "%s/%d", host_lookup(dfl_ip, hl_mode), count_mask(dfl_mask));
data/hunt-1.5/menu.c:491:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dfl);
data/hunt-1.5/menu.c:565:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(__label, "%s %s", label, str);
data/hunt-1.5/options.c:224:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf_menu,
data/hunt-1.5/pktrelay.c:225:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%d [%s]", host_lookup(ri->src_addr, hl_mode),
data/hunt-1.5/pktrelay.c:232:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(flags, "ETH RELAY to %s", ri->ethtap_name);
data/hunt-1.5/pktrelay.c:282:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name_buf2, name_buf);
data/hunt-1.5/pktrelay.c:359:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name_buf2, name_buf);
data/hunt-1.5/resolv.c:223:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(res->name, name);
data/hunt-1.5/resolv.c:455:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((retval = hostname_buf + hostname_idx), name);
data/hunt-1.5/resolv.c:527:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((retval = servname_buf + servname_idx), name);
data/hunt-1.5/rstd.c:228:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%d [%s]", host_lookup(dbi->src_addr, hl_mode),
data/hunt-1.5/sniff.c:132:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
b += sprintf(b, "%s for X ", str_srch_mode);
data/hunt-1.5/sniff.c:133:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
b += sprintf(b, "log %s %dB", str_log_mode, si->log_bytes);
data/hunt-1.5/sniff.c:135:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(host_buf, "%s/%d [%s]", host_lookup(si->src_addr, hl_mode),
data/hunt-1.5/sniff.c:226:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name_buf, "%s/%s:%d_%s:%d",
data/hunt-1.5/sniff.c:234:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_name, file_name_buf);
data/hunt-1.5/sniff.c:236:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s_%d", file_name_buf, ++i);
data/hunt-1.5/sniff.c:508:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(SNIFF_FILE_DIR " isn't directory\n");
data/hunt-1.5/sniff.c:514:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(SNIFF_FILE_DIR " can't be created\n");
data/hunt-1.5/sniff.c:519:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(SNIFF_FILE_DIR " error\n");
data/hunt-1.5/sniff.c:616:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(host_buf, "%s [%s]",
data/hunt-1.5/sniff.c:690:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name, "%s/%s", SNIFF_FILE_DIR, file_name_buf);
data/hunt-1.5/synchijack.c:145:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
msg_len = sprintf(buf, suggest_sync_msg(1), need_read);
data/hunt-1.5/synchijack.c:245:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(fin_msg, suggest_sync_msg(0));
data/hunt-1.5/tpserv/tpserv.c:71:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(f, format, va);
data/hunt-1.5/tpserv/tpserv.c:74:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), format, va);
data/hunt-1.5/tpserv/tpserv.c:86:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "from %s:%d", inet_ntoa(from_addr->sin_addr), ntohs(from_addr->sin_port));
data/hunt-1.5/tpserv/tpserv.c:87:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, " to %s:%d", inet_ntoa(to_addr->sin_addr), ntohs(to_addr->sin_port));
data/hunt-1.5/util.c:294:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buf += sprintf(buf, "%s:%s ",
data/hunt-1.5/util.c:300:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buf += sprintf(buf, "%s ", port_lookup(ports[i], hl_mode));
data/hunt-1.5/c/array.c:282:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt(argc, argv, "vi:")) != -1) {
data/hunt-1.5/c/hash.c:454:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt(argc, argv, "vi:")) != -1) {
data/hunt-1.5/c/list.c:458:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt(argc, argv, "vi:")) != -1) {
data/hunt-1.5/main.c:475:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "vVi:")) != EOF) {
data/hunt-1.5/tpserv/tpserv.c:259:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "p:h?vVDc")) != EOF) {
data/hunt-1.5/addpolicy.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_src_ports[BUFSIZE], buf_dst_ports[BUFSIZE];
data/hunt-1.5/addpolicy.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_buf[BUFSIZE];
data/hunt-1.5/addpolicy.c:126:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(api->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/addpolicy.c:130:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(api->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/addpolicy.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(api->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/addpolicy.c:165:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(api->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/arphijack.c:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/arpspoof.c:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_fake_mac[ETH_ALEN];
data/hunt-1.5/arpspoof.c:47:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_broadcast[ETH_ALEN] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
data/hunt-1.5/arpspoof.c:48:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac_zero[ETH_ALEN] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
data/hunt-1.5/arpspoof.c:136:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, mi_dst->mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:146:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_mac, mi_src->mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:220:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, arpethh->ar_tha, ETH_ALEN);
data/hunt-1.5/arpspoof.c:225:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_mac, arpethh->ar_sha, ETH_ALEN);
data/hunt-1.5/arpspoof.c:251:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, arpethh->ar_sha, ETH_ALEN);
data/hunt-1.5/arpspoof.c:409:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, dst_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:413:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_mac, src_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:442:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_fake_mac, src_fake_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:444:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, dst_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:449:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_mac, src_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->src_mac, mi_src->mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:757:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, p->p_ethh->h_source, ETH_ALEN);
data/hunt-1.5/arpspoof.c:779:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->p_ethh->h_dest, asi->src_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:787:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->p_ethh->h_source, asi_dst->src_fake_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:796:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->p_ethh->h_source, my_eth_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:923:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/arpspoof.c:946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/arpspoof.c:967:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_fake_mac[ETH_ALEN];
data/hunt-1.5/arpspoof.c:970:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/arpspoof.c:1022:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_fake_mac[ETH_ALEN];
data/hunt-1.5/arpspoof.c:1024:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/arpspoof.c:1051:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asr->src_fake_mac, src_fake_mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:1114:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_fake_mac[ETH_ALEN] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0xEF};
data/hunt-1.5/arpspoof.c:1115:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst_fake_mac[ETH_ALEN] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0xEE};
data/hunt-1.5/arpspoof.c:1117:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_fake_mac[ETH_ALEN] = {0x00, 0x60, 0x08, 0xBE, 0x91, 0xEF};
data/hunt-1.5/arpspoof.c:1118:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst_fake_mac[ETH_ALEN] = {0x00, 0x60, 0x08, 0xBE, 0x91, 0xEE};
data/hunt-1.5/arpspoof.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/arpspoof.c:1365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(asi->dst_mac, mi_dst->mac, ETH_ALEN);
data/hunt-1.5/arpspoof.c:1416:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac_buf[64];
data/hunt-1.5/c/array.c:288:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MAX_ITEMS = atoi(optarg);
data/hunt-1.5/c/hash.c:460:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MAX_ITEMS = atoi(optarg);
data/hunt-1.5/c/list.c:464:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MAX_ITEMS = atoi(optarg);
data/hunt-1.5/hostup.c:235:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_mac[BUFSIZE], fake_mac[ETH_ALEN];
data/hunt-1.5/hunt.c:91:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->p_raw, src->p_raw, src->p_raw_len);
data/hunt-1.5/hunt.c:104:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->p_arg, src->p_arg, sizeof(src->p_arg));
data/hunt-1.5/hunt.c:339:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_src->dst_mac, p->p_ethh->h_dest, ETH_ALEN);
data/hunt-1.5/hunt.c:340:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_src->src_mac, p->p_ethh->h_source, ETH_ALEN);
data/hunt-1.5/hunt.c:347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_dst->dst_mac, h_src->src_mac, ETH_ALEN);
data/hunt-1.5/hunt.c:348:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_dst->src_mac, h_src->dst_mac, ETH_ALEN);
data/hunt-1.5/hunt.c:416:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_src->dst_mac, p->p_ethh->h_dest, ETH_ALEN);
data/hunt-1.5/hunt.c:417:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(h_src->src_mac, p->p_ethh->h_source, ETH_ALEN);
data/hunt-1.5/hunt.c:731:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/hunt-1.5/hunt.c:957:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " --> ");
data/hunt-1.5/hunt.c:963:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " seq=(%u) ack=(%u)",
data/hunt-1.5/hunt.c:966:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " seq=(%u) ack=(%u)\n",
data/hunt-1.5/hunt.c:971:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " src mac=");
data/hunt-1.5/hunt.c:974:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " src mac=");
data/hunt-1.5/hunt.c:979:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " dst mac=");
data/hunt-1.5/hunt.c:982:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
b += sprintf(b, " dst mac=");
data/hunt-1.5/hunt.c:1008:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/hunt.h:61:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char my_eth_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:87:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[4];
data/hunt-1.5/hunt.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_raw[ETH_FRAME_LEN]; /* 1514 */
data/hunt-1.5/hunt.h:154:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:155:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:212:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_fake_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:213:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:214:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:237:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ar_sha[ETH_ALEN]; /* sender hardware address */
data/hunt-1.5/hunt.h:238:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ar_sip[4]; /* sender IP address */
data/hunt-1.5/hunt.h:239:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ar_tha[ETH_ALEN]; /* target hardware address */
data/hunt-1.5/hunt.h:240:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ar_tip[4]; /* target IP address */
data/hunt-1.5/hunt.h:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac[ETH_ALEN];
data/hunt-1.5/hunt.h:430:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char __suggest_mac[ETH_ALEN];
data/hunt-1.5/hunt.h:518:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char mac_broadcast[ETH_ALEN];
data/hunt-1.5/hunt.h:519:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char mac_zero[ETH_ALEN];
data/hunt-1.5/main.c:66:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uci, &arr_uci[i], sizeof(struct user_conn_info));
data/hunt-1.5/main.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[256];
data/hunt-1.5/main.c:154:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pbuf, p->p_data, pbuf_len);
data/hunt-1.5/main.c:233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[256];
data/hunt-1.5/main.c:280:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __src_fake_mac[ETH_ALEN] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0xEF};
data/hunt-1.5/main.c:281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __dst_fake_mac[ETH_ALEN] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0xEE};
data/hunt-1.5/main.c:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/menu.c:103:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_ports, ports, sizeof(int) * count);
data/hunt-1.5/menu.c:175:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac[ETH_ALEN];
data/hunt-1.5/menu.c:194:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac_ret, mac, ETH_ALEN);
data/hunt-1.5/menu.c:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64], __dfl_buf[64], *dfl_buf;
data/hunt-1.5/menu.c:228:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(__dfl_buf, "%d", dfl);
data/hunt-1.5/menu.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/menu.c:251:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac_ret, my_eth_mac, ETH_ALEN);
data/hunt-1.5/menu.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/menu.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/menu.c:289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/menu.c:332:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_ports, ports, sizeof(ports));
data/hunt-1.5/menu.c:341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dfl[256], *buf_p;
data/hunt-1.5/menu.c:408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/hunt-1.5/menu.c:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/menu.c:499:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_buf, buf, min_len);
data/hunt-1.5/menu.c:554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __label[128], *lbl;
data/hunt-1.5/menu.c:555:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/hunt-1.5/menu.c:556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __buf_dfl[2], *buf_dfl;
data/hunt-1.5/net.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], *data;
data/hunt-1.5/net.c:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_dest, ts->dst_mac, ETH_ALEN);
data/hunt-1.5/net.c:50:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_source, ts->src_mac, ETH_ALEN);
data/hunt-1.5/net.c:58:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, ts->data, ts->data_len);
data/hunt-1.5/net.c:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], *data;
data/hunt-1.5/net.c:112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_dest, is->dst_mac, ETH_ALEN);
data/hunt-1.5/net.c:113:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_source, is->src_mac, ETH_ALEN);
data/hunt-1.5/net.c:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, is->data, is->data_len);
data/hunt-1.5/net.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/hunt-1.5/net.c:224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_dest, as->dst_mac, ETH_ALEN);
data/hunt-1.5/net.c:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth->h_source, as->src_mac, ETH_ALEN);
data/hunt-1.5/net.c:236:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arpeth->ar_sha, as->sender_mac, ETH_ALEN);
data/hunt-1.5/net.c:240:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arpeth->ar_tha, as->target_mac, ETH_ALEN);
data/hunt-1.5/net.c:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_mac[6] = {0x00, 0x60, 0x97, 0x75, 0xA4, 0xA4};
data/hunt-1.5/net.c:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_mac[6] = {0x00, 0x60, 0x97, 0x72, 0x4E, 0xB5};
data/hunt-1.5/net.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sender[6] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0xEF};
data/hunt-1.5/options.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/hunt-1.5/options.c:51:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_mac[ETH_ALEN];
data/hunt-1.5/options.c:56:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__suggest_mac, buf_mac, sizeof(buf_mac));
data/hunt-1.5/options.c:216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_menu[2048];
data/hunt-1.5/options.c:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_mac[128];
data/hunt-1.5/pktrelay.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ethtap_mac[ETH_ALEN];
data/hunt-1.5/pktrelay.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/hunt-1.5/pktrelay.c:166:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_new->p_ethh->h_dest, ri->ethtap_mac, ETH_ALEN);
data/hunt-1.5/pktrelay.c:179:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, &hdr, sizeof(struct ethhdr));
data/hunt-1.5/pktrelay.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, p->p_raw + sizeof(struct ethhdr), p->p_raw_len - sizeof(struct ethhdr));
data/hunt-1.5/pktrelay.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_src_ports[BUFSIZE], buf_dst_ports[BUFSIZE];
data/hunt-1.5/pktrelay.c:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/pktrelay.c:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[BUFSIZE];
data/hunt-1.5/pktrelay.c:229:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(flags, "DROP");
data/hunt-1.5/pktrelay.c:263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[128], name_buf2[256];
data/hunt-1.5/pktrelay.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ethtap_mac[ETH_ALEN];
data/hunt-1.5/pktrelay.c:281:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_buf2, "/dev/");
data/hunt-1.5/pktrelay.c:283:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ethtap_fd = open(name_buf2, O_RDWR)) < 0) {
data/hunt-1.5/pktrelay.c:295:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ri->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/pktrelay.c:299:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ri->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/pktrelay.c:308:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ri->ethtap_mac, ethtap_mac, ETH_ALEN);
data/hunt-1.5/pktrelay.c:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[128], name_buf2[256];
data/hunt-1.5/pktrelay.c:358:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name_buf2, "/dev/");
data/hunt-1.5/pktrelay.c:360:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ethtap_fd = open(name_buf2, O_RDWR)) < 0) {
data/hunt-1.5/pktrelay.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ri->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/pktrelay.c:375:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ri->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/resolv.c:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0]; /* little trick, see later */
data/hunt-1.5/resolv.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/resolv.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/resolv.c:331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/hunt-1.5/resolv.c:413:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostname_buf[BUFSIZE] = {0};
data/hunt-1.5/resolv.c:497:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char servname_buf[BUFSIZE] = {0};
data/hunt-1.5/resolv.c:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[64];
data/hunt-1.5/resolv.c:520:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%d", ntohs(serv));
data/hunt-1.5/rstd.c:119:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.src.src_mac, p->p_ethh->h_source, ETH_ALEN);
data/hunt-1.5/rstd.c:120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.src.dst_mac, p->p_ethh->h_dest, ETH_ALEN);
data/hunt-1.5/rstd.c:127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.dst.src_mac, right_arp_addr(p->p_ethh->h_dest), ETH_ALEN);
data/hunt-1.5/rstd.c:128:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.dst.dst_mac, spoofed_arp_addr(p->p_ethh->h_source), ETH_ALEN);
data/hunt-1.5/rstd.c:130:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.dst.src_mac, p->p_ethh->h_dest, ETH_ALEN);
data/hunt-1.5/rstd.c:131:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__ci.dst.dst_mac, p->p_ethh->h_source, ETH_ALEN);
data/hunt-1.5/rstd.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_src_ports[BUFSIZE], buf_dst_ports[BUFSIZE];
data/hunt-1.5/rstd.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/rstd.c:282:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbi->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/rstd.c:286:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbi->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/rstd.c:331:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbi->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/rstd.c:334:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dbi->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/sniff.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_src_ports[BUFSIZE], buf_dst_ports[BUFSIZE];
data/hunt-1.5/sniff.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *b;
data/hunt-1.5/sniff.c:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_buf[BUFSIZE];
data/hunt-1.5/sniff.c:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[BUFSIZE], file_name_buf[BUFSIZE];
data/hunt-1.5/sniff.c:237:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(file_name, "w"))) {
data/hunt-1.5/sniff.c:463:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&slog->buf[slog->loged_bytes], data, i);
data/hunt-1.5/sniff.c:601:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_buf[BUFSIZE];
data/hunt-1.5/sniff.c:652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *buf_p;
data/hunt-1.5/sniff.c:653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[BUFSIZE], file_name_buf[BUFSIZE];
data/hunt-1.5/sniff.c:691:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(file_name, "a+"))) {
data/hunt-1.5/sniff.c:706:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/sniff.c:710:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/sniff.c:717:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->search, buf_p, len);
data/hunt-1.5/sniff.c:731:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *buf_p;
data/hunt-1.5/sniff.c:781:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->src_ports, src_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/sniff.c:784:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->dst_ports, dst_ports, sizeof(int) * (MAX_PORTS + 1));
data/hunt-1.5/sniff.c:791:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(si->search, buf_p, len);
data/hunt-1.5/synchijack.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/hunt-1.5/synchijack.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1400];
data/hunt-1.5/synchijack.c:240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/synchijack.c:241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fin_msg[BUFSIZE];
data/hunt-1.5/synchijack.c:255:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, fin_msg, len);
data/hunt-1.5/synchijack.c:266:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len - fin_msg_len, fin_msg, fin_msg_len);
data/hunt-1.5/synchijack.c:268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, fin_msg + (fin_msg_len - len), len);
data/hunt-1.5/synchijack.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *w_data;
data/hunt-1.5/synchijack.c:382:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, p->p_data, len);
data/hunt-1.5/tap.c:36:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char my_eth_mac[ETH_ALEN];
data/hunt-1.5/tap.c:99:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(my_eth_mac, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
data/hunt-1.5/tap.c:133:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
data/hunt-1.5/tpserv/tpserv.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/tpserv/tpserv.c:82:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BUFSIZE];
data/hunt-1.5/tpserv/tpserv.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/tpserv/tpserv.c:149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/hunt-1.5/util.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/hunt-1.5/util.c:61:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "\033[%d;4%d;3%dm", fg / 8, bg % 8, fg % 8);
data/hunt-1.5/util.c:160:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf("%X ", ((unsigned char *)data)[i]);
data/hunt-1.5/util.c:225:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(b, "%02X:%02X:%02X:%02X:%02X:%02X",
data/hunt-1.5/util.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/hunt-1.5/util.c:288:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buf += sprintf(buf, "all");
data/hunt-1.5/util.c:345:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __suggest_mac[ETH_ALEN] = {0xEA, 0x1A, 0xDE, 0xAD, 0xBE, 0x00};
data/hunt-1.5/arphijack.c:60:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((nr = read(0, buf, sizeof(buf)))) {
data/hunt-1.5/hijack.c:217:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmdbuf_len = strlen(cmdbuf);
data/hunt-1.5/hunt.c:976:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
b += sprintf(b, "\n");
data/hunt-1.5/hunt.c:984:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
b += sprintf(b, "\n");
data/hunt-1.5/main.c:499:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(my_ifreq.ifr_name, eth_device, IFNAMSIZ);
data/hunt-1.5/menu.c:27:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(label))
data/hunt-1.5/menu.c:346:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
buf_p += sprintf(buf_p, " ");
data/hunt-1.5/menu.c:395:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(menucc_label))
data/hunt-1.5/menu.c:481:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(label))
data/hunt-1.5/menu.c:495:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/hunt-1.5/menu.c:522:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("%*s", strlen(head) + 9, " ");
data/hunt-1.5/menu.c:547:2: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getchar();
data/hunt-1.5/net.c:85:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spkt.sa_data, eth_device, sizeof(spkt.sa_data));
data/hunt-1.5/net.c:151:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spkt.sa_data, eth_device, sizeof(spkt.sa_data));
data/hunt-1.5/net.c:246:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spkt.sa_data, eth_device, sizeof(spkt.sa_data));
data/hunt-1.5/net.c:274:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(spkt.sa_data, eth_device, sizeof(spkt.sa_data));
data/hunt-1.5/resolv.c:152:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, &r, sizeof(struct res)) == sizeof(struct res)) {
data/hunt-1.5/resolv.c:154:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, r.name_len) != r.name_len)
data/hunt-1.5/resolv.c:205:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, &req, sizeof(struct req)) == sizeof(struct req)) {
data/hunt-1.5/resolv.c:222:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res->name_len = strlen(name) + 1;
data/hunt-1.5/resolv.c:335:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(sl->s_fd, buf, sizeof(struct res)) == sizeof(struct res)) {
data/hunt-1.5/resolv.c:337:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(sl->s_fd, res + 1, res->name_len);
data/hunt-1.5/resolv.c:395:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &req, sizeof(struct req)) == sizeof(struct req)) {
data/hunt-1.5/resolv.c:452:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/hunt-1.5/resolv.c:524:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/hunt-1.5/sniff.c:326:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_data = memfind(p->p_data, p->p_data_len, si->search, strlen(si->search));
data/hunt-1.5/sniff.c:714:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf_p) + 1;
data/hunt-1.5/sniff.c:788:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf_p) + 1;
data/hunt-1.5/synchijack.c:246:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fin_msg_len = strlen(fin_msg);
data/hunt-1.5/tap.c:58:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, device, IFNAMSIZ);
data/hunt-1.5/tap.c:118:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, ifc_name, IFNAMSIZ);
data/hunt-1.5/tpserv/tpserv.c:139:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((len = read(fd, buf, sizeof(buf))) > 0) {
data/hunt-1.5/tpserv/tpserv.c:181:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(fd, buf, sizeof(buf))) > 0) {
data/hunt-1.5/tpserv/tpserv.c:193:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(fd_remote, buf, sizeof(buf))) > 0) {
data/hunt-1.5/util.c:252:4: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getchar();
ANALYSIS SUMMARY:
Hits = 282
Lines analyzed = 12306 in approximately 0.34 seconds (35946 lines/second)
Physical Source Lines of Code (SLOC) = 10275
Hits@level = [0] 227 [1] 35 [2] 203 [3] 5 [4] 39 [5] 0
Hits@level+ = [0+] 509 [1+] 282 [2+] 247 [3+] 44 [4+] 39 [5+] 0
Hits/KSLOC@level+ = [0+] 49.5377 [1+] 27.4453 [2+] 24.0389 [3+] 4.28224 [4+] 3.79562 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.