Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libapache2-mod-auth-cas-1.2/src/cas_saml_attr.c
Examining data/libapache2-mod-auth-cas-1.2/src/cas_saml_attr.h
Examining data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c
Examining data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.h
Examining data/libapache2-mod-auth-cas-1.2/tests/ap_stubs.c
Examining data/libapache2-mod-auth-cas-1.2/tests/cas_saml_attr_test.c
Examining data/libapache2-mod-auth-cas-1.2/tests/cas_saml_attr_test.h
Examining data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.c
Examining data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.h
Examining data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c
Examining data/libapache2-mod-auth-cas-1.2/tests/openssl_stubs.c

FINAL RESULTS:

data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1022:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if(sscanf(val, "%" APR_TIME_T_FMT, &(cache->issued)) != 1) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1032:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if(sscanf(val, "%" APR_TIME_T_FMT, &(cache->lastactive)) != 1) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1118:6: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if(sscanf(line, "%" APR_TIME_T_FMT, &lastClean) != 1) { /* corrupt file */
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:167:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASLoginURL, &base->CASLoginURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:169:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASLoginURL, &add->CASLoginURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:172:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASValidateURL, &base->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:174:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASValidateURL, &add->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:177:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASProxyValidateURL, &base->CASProxyValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:179:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASProxyValidateURL, &add->CASProxyValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:182:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASRootProxiedAs, &base->CASRootProxiedAs, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:184:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASRootProxiedAs, &add->CASRootProxiedAs, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:258:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:296:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:331:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:338:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:345:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:353:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:888:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p, "%%%x", charsToEncode[i]);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:915:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[CAS_MAX_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1085:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[64];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1288:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[CAS_MAX_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1342:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[APR_MD5_DIGESTSIZE*2+1];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1790:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(curlBuffer->buf, oldBuf, curlBuffer->written);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1791:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(curlBuffer->buf[curlBuffer->written]), ptr, realsize);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1816:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char curlError[CURL_ERROR_SIZE];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1890:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&validateURL, &c->CASValidateURL, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2794:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[1024];
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2814:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data + offset, bucketData, (sizeof(data) - offset) - 1); // copy what we can into the space remaining
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2817:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data + offset, bucketData, len);
data/libapache2-mod-auth-cas-1.2/tests/ap_stubs.c:150:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(res, *line, len);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:289:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASLoginURL, &parsed_url, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:365:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&c->CASRootProxiedAs, &parsed_url, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1451:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&cfg->CASLoginURL, &login, sizeof(apr_uri_t));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:308:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(f.filetype != APR_DIR || value[strlen(value)-1] != '/')
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:360:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  limit = strlen(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:373:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  limit = strlen(value);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:475:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen(p) - 1; i > 0; i--)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:493:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strncmp(d->CASGateway, requestPath, strlen(d->CASGateway)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:503:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strncmp(d->CASRenew, requestPath, strlen(d->CASRenew)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:513:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strncmp(d->CASScope, requestPath, strlen(d->CASScope)) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:536:73: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(d->CASGateway != NULL && strncmp(d->CASGateway, r->parsed_uri.path, strlen(d->CASGateway)) == 0 && c->CASVersion > 1) { /* gateway not supported in CAS v1 */
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:546:69: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(d->CASRenew != NULL && strncmp(d->CASRenew, r->parsed_uri.path, strlen(d->CASRenew)) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:659:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ticket_sz = strlen(ticket);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:738:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t k_ticket_param_sz = strlen(k_ticket_param);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:740:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(r->args == NULL || strlen(r->args) == 0)
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:743:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  args = apr_pstrndup(r->pool, r->args, strlen(r->args));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:770:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(cookie, cookieName, strlen(cookieName)) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:772:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cookie += (strlen(cookieName)+1);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:868:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = newsz = strlen(str);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:869:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  limit = strlen(charsToEncode);
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:924:5: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(name) != APR_MD5_DIGESTSIZE*2) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:926:147: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Invalid cache cookie length for '%s', (expecting %d, got %d)", name, APR_MD5_DIGESTSIZE*2, (int) strlen(name));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:944:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(fi.filetype != APR_DIR || c->CASCookiePath[strlen(c->CASCookiePath)-1] != '/') {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1020:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->user = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1042:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->path = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1048:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->ticket = apr_pstrndup(r->pool, val, strlen(val));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1215:134: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "MOD_AUTH_CAS: Cookie file '%s' could not be created: %s", path, apr_strerror(i, name, strlen(name)));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1222:134: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "MOD_AUTH_CAS: Cookie file '%s' could not be opened: %s", path, apr_strerror(i, name, strlen(name)));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1325:78: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = (char *) ap_md5_binary(r->pool, (const unsigned char *) ticket, (int) strlen(ticket));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1350:79: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ticket = (char *) ap_md5_binary(r->pool, (unsigned char *) ticketname, (int) strlen(ticketname));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1403:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(apr_xml_parser_feed(parser, body, strlen(body)) != APR_SUCCESS) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1447:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ticket = (char *) ap_md5_binary(r->pool, (unsigned char *) e.ticket, strlen(e.ticket));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1478:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(line) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1491:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line == NULL || strlen(line) == 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1496:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *user = apr_pstrndup(r->pool, line, strlen(line));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1500:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(apr_xml_parser_feed(parser, response, strlen(response)) != APR_SUCCESS) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1737:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strncasecmp(cache.path, getCASScope(r), strlen(getCASScope(r))) != 0) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1745:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *user = apr_pstrndup(r->pool, cache.user, strlen(cache.user));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1910:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rv = apr_pstrndup(r->pool, curlBuffer.buf, strlen(curlBuffer.buf));
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:1976:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int prefix_len = attr_prefix ? strlen(attr_prefix) : 0;
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2087:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(ns); i++) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2172:73: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(d->CASGateway != NULL && strncmp(d->CASGateway, r->parsed_uri.path, strlen(d->CASGateway)) == 0 && ticket == NULL && cookieString == NULL) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2402:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == pcre_exec(preg, NULL, val->value, (int)strlen(val->value), 0, 0, NULL, 0)) {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2675:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(f.filetype != APR_DIR || c->CASCookiePath[strlen(c->CASCookiePath)-1] != '/') {
data/libapache2-mod-auth-cas-1.2/src/mod_auth_cas.c:2823:125: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, f->c->base_server, "read %lu bytes (%s) from incoming buckets\n", (unsigned long) strlen(data), data);
data/libapache2-mod-auth-cas-1.2/tests/curl_stubs.c:31:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c->writefunc((void *)curl_response, sizeof(char), strlen(curl_response), c->data);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:661:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sz = strlen(contents);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:725:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i = 0; i < strlen(rv); i++) {
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:967:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cas_curl_write(data, sizeof(char), sizeof(char)*strlen(data), &cb);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:970:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fail_unless(cb.written == strlen(data));
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1323:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l1 = strlen(rnd1);
data/libapache2-mod-auth-cas-1.2/tests/mod_auth_cas_test.c:1324:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l2 = strlen(rnd2);

ANALYSIS SUMMARY:

Hits = 82
Lines analyzed = 5625 in approximately 0.22 seconds (25815 lines/second)
Physical Source Lines of Code (SLOC) = 4115
Hits@level = [0] 0 [1] 49 [2] 30 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 82 [1+] 82 [2+] 33 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 19.9271 [1+] 19.9271 [2+] 8.01944 [3+] 0.72904 [4+] 0.72904 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.