Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libapache2-mod-auth-cas-1.2/src/cas_saml_attr.c
Examining data/libapache2-mod-auth-cas-1.2/src/cas_saml_attr.h
Examining data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c
Examining data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.h
Examining data/libapache2-mod-auth-cas-1.2/tests/ap_stubs.c
Examining data/libapache2-mod-auth-cas-1.2/tests/cas_saml_attr_test.c
Examining data/libapache2-mod-auth-cas-1.2/tests/cas_saml_attr_test.h
Examining data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.c
Examining data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.h
Examining data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c
Examining data/libapache2-mod-auth-cas-1.2/tests/openssl_stubs.c
FINAL RESULTS:
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1022:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if(sscanf(val, "%" APR_TIME_T_FMT, &(cache->issued)) != 1) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1032:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if(sscanf(val, "%" APR_TIME_T_FMT, &(cache->lastactive)) != 1) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1118:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if(sscanf(line, "%" APR_TIME_T_FMT, &lastClean) != 1) { /* corrupt file */
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:167:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASLoginURL, &base->CASLoginURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:169:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASLoginURL, &add->CASLoginURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:172:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASValidateURL, &base->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:174:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASValidateURL, &add->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASProxyValidateURL, &base->CASProxyValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:179:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASProxyValidateURL, &add->CASProxyValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:182:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASRootProxiedAs, &base->CASRootProxiedAs, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:184:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASRootProxiedAs, &add->CASRootProxiedAs, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:258:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:296:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:331:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:338:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:345:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:353:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:888:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p, "%%%x", charsToEncode[i]);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[CAS_MAX_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[64];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[CAS_MAX_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[APR_MD5_DIGESTSIZE*2+1];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1790:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curlBuffer->buf, oldBuf, curlBuffer->written);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1791:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(curlBuffer->buf[curlBuffer->written]), ptr, realsize);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1816:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curlError[CURL_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&validateURL, &c->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1024];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2814:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + offset, bucketData, (sizeof(data) - offset) - 1); // copy what we can into the space remaining
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2817:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + offset, bucketData, len);
data/libapache2-mod-auth-cas-1.2/tests/ap_stubs.c:150:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, *line, len);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:289:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASLoginURL, &parsed_url, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&c->CASRootProxiedAs, &parsed_url, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1451:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cfg->CASLoginURL, &login, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:308:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(f.filetype != APR_DIR || value[strlen(value)-1] != '/')
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:360:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
limit = strlen(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:373:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
limit = strlen(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:475:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(p) - 1; i > 0; i--)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:493:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(d->CASGateway, requestPath, strlen(d->CASGateway)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:503:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(d->CASRenew, requestPath, strlen(d->CASRenew)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:513:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(d->CASScope, requestPath, strlen(d->CASScope)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:536:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(d->CASGateway != NULL && strncmp(d->CASGateway, r->parsed_uri.path, strlen(d->CASGateway)) == 0 && c->CASVersion > 1) { /* gateway not supported in CAS v1 */
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:546:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(d->CASRenew != NULL && strncmp(d->CASRenew, r->parsed_uri.path, strlen(d->CASRenew)) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:659:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ticket_sz = strlen(ticket);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:738:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t k_ticket_param_sz = strlen(k_ticket_param);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:740:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(r->args == NULL || strlen(r->args) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:743:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
args = apr_pstrndup(r->pool, r->args, strlen(r->args));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:770:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(cookie, cookieName, strlen(cookieName)) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:772:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cookie += (strlen(cookieName)+1);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:868:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = newsz = strlen(str);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:869:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
limit = strlen(charsToEncode);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:924:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name) != APR_MD5_DIGESTSIZE*2) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:926:147: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Invalid cache cookie length for '%s', (expecting %d, got %d)", name, APR_MD5_DIGESTSIZE*2, (int) strlen(name));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:944:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(fi.filetype != APR_DIR || c->CASCookiePath[strlen(c->CASCookiePath)-1] != '/') {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1020:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cache->user = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1042:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cache->path = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1048:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cache->ticket = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1215:134: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "MOD_AUTH_CAS: Cookie file '%s' could not be created: %s", path, apr_strerror(i, name, strlen(name)));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1222:134: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "MOD_AUTH_CAS: Cookie file '%s' could not be opened: %s", path, apr_strerror(i, name, strlen(name)));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1325:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *) ap_md5_binary(r->pool, (const unsigned char *) ticket, (int) strlen(ticket));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1350:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ticket = (char *) ap_md5_binary(r->pool, (unsigned char *) ticketname, (int) strlen(ticketname));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1403:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(apr_xml_parser_feed(parser, body, strlen(body)) != APR_SUCCESS) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1447:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ticket = (char *) ap_md5_binary(r->pool, (unsigned char *) e.ticket, strlen(e.ticket));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1478:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(line) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1491:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(line == NULL || strlen(line) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1496:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*user = apr_pstrndup(r->pool, line, strlen(line));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1500:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(apr_xml_parser_feed(parser, response, strlen(response)) != APR_SUCCESS) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1737:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncasecmp(cache.path, getCASScope(r), strlen(getCASScope(r))) != 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1745:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*user = apr_pstrndup(r->pool, cache.user, strlen(cache.user));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1910:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = apr_pstrndup(r->pool, curlBuffer.buf, strlen(curlBuffer.buf));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1976:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int prefix_len = attr_prefix ? strlen(attr_prefix) : 0;
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2087:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(ns); i++) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2172:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(d->CASGateway != NULL && strncmp(d->CASGateway, r->parsed_uri.path, strlen(d->CASGateway)) == 0 && ticket == NULL && cookieString == NULL) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2402:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == pcre_exec(preg, NULL, val->value, (int)strlen(val->value), 0, 0, NULL, 0)) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2675:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(f.filetype != APR_DIR || c->CASCookiePath[strlen(c->CASCookiePath)-1] != '/') {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2823:125: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, f->c->base_server, "read %lu bytes (%s) from incoming buckets\n", (unsigned long) strlen(data), data);
data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.c:31:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c->writefunc((void *)curl_response, sizeof(char), strlen(curl_response), c->data);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:661:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz = strlen(contents);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:725:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen(rv); i++) {
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:967:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cas_curl_write(data, sizeof(char), sizeof(char)*strlen(data), &cb);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:970:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fail_unless(cb.written == strlen(data));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1323:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l1 = strlen(rnd1);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1324:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l2 = strlen(rnd2);
ANALYSIS SUMMARY:
Hits = 82
Lines analyzed = 5625 in approximately 0.22 seconds (25815 lines/second)
Physical Source Lines of Code (SLOC) = 4115
Hits@level = [0] 0 [1] 49 [2] 30 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 82 [1+] 82 [2+] 33 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 19.9271 [1+] 19.9271 [2+] 8.01944 [3+] 0.72904 [4+] 0.72904 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.