Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libnss-nisplus-1.3/src/libc-lock.h
Examining data/libnss-nisplus-1.3/src/netgroup.h
Examining data/libnss-nisplus-1.3/src/nisplus-alias.c
Examining data/libnss-nisplus-1.3/src/nisplus-ethers.c
Examining data/libnss-nisplus-1.3/src/nisplus-grp.c
Examining data/libnss-nisplus-1.3/src/nisplus-initgroups.c
Examining data/libnss-nisplus-1.3/src/nisplus-netgrp.c
Examining data/libnss-nisplus-1.3/src/nisplus-network.c
Examining data/libnss-nisplus-1.3/src/nisplus-parser.c
Examining data/libnss-nisplus-1.3/src/nisplus-parser.h
Examining data/libnss-nisplus-1.3/src/nisplus-proto.c
Examining data/libnss-nisplus-1.3/src/nisplus-publickey.c
Examining data/libnss-nisplus-1.3/src/nisplus-pwd.c
Examining data/libnss-nisplus-1.3/src/nisplus-rpc.c
Examining data/libnss-nisplus-1.3/src/nisplus-service.c
Examining data/libnss-nisplus-1.3/src/nisplus-spwd.c
Examining data/libnss-nisplus-1.3/src/nss-nisplus.c
Examining data/libnss-nisplus-1.3/src/nss-nisplus.h
Examining data/libnss-nisplus-1.3/src/nss_loader-test.c
Examining data/libnss-nisplus-1.3/src/nisplus-hosts.c
FINAL RESULTS:
data/libnss-nisplus-1.3/src/nisplus-network.c:433:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf2, inet_ntoa (in));
data/libnss-nisplus-1.3/src/nisplus-publickey.c:209:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (skey, buf);
data/libnss-nisplus-1.3/src/nisplus-alias.c:58:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-alias.c:297:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 9 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-ethers.c:112:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-ethers.c:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 9 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-ethers.c:321:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[26 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-grp.c:61:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-grp.c:299:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 9 + grp_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-grp.c:353:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8 + 3 * sizeof (unsigned long int) + grp_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-hosts.c:191:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-hosts.c:378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-hosts.c:497:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-hosts.c:576:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((*pat)->addr, host.h_addr_list[0], host.h_length);
data/libnss-nisplus-1.3/src/nisplus-initgroups.c:55:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (user) + 12 + grp_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-initgroups.c:100:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numstrbuf[len + 1];
data/libnss-nisplus-1.3/src/nisplus-initgroups.c:101:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (numstrbuf, numstr, len);
data/libnss-nisplus-1.3/src/nisplus-netgrp.c:152:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (group) + 25];
data/libnss-nisplus-1.3/src/nisplus-network.c:158:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-network.c:332:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-network.c:428:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[27 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-network.c:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[18];
data/libnss-nisplus-1.3/src/nisplus-parser.c:325:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_lstchg = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:333:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_min = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:341:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_max = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:349:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_warn = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:357:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_inact = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:365:18: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_expire = atol (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:371:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sp->sp_flag = atol (line);
data/libnss-nisplus-1.3/src/nisplus-proto.c:77:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proto->p_proto = atoi (NISENTRYVAL (0, 2, result));
data/libnss-nisplus-1.3/src/nisplus-proto.c:153:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-proto.c:306:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-proto.c:396:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12 + 3 * sizeof (number) + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-publickey.c:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NIS_MAXNAMELEN + 2];
data/libnss-nisplus-1.3/src/nisplus-publickey.c:110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pkey, ENTRY_VAL (NIS_RES_OBJECT (res),3), len);
data/libnss-nisplus-1.3/src/nisplus-publickey.c:130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NIS_MAXNAMELEN + 2];
data/libnss-nisplus-1.3/src/nisplus-publickey.c:195:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, ENTRY_VAL (NIS_RES_OBJECT (res), 4), len);
data/libnss-nisplus-1.3/src/nisplus-publickey.c:253:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
_nss_nisplus_netname2user (char netname[MAXNETNAMELEN + 1], uid_t *uidp,
data/libnss-nisplus-1.3/src/nisplus-publickey.c:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[NIS_MAXNAMELEN + 2]; /* search criteria + table name */
data/libnss-nisplus-1.3/src/nisplus-publickey.c:260:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char principal[NIS_MAXNAMELEN + 1];
data/libnss-nisplus-1.3/src/nisplus-pwd.c:60:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-pwd.c:300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 9 + pwd_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-pwd.c:358:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8 + 3 * sizeof (unsigned long int) + pwd_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:83:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rpc->r_number = atoi (NISENTRYVAL (0, 2, result));
data/libnss-nisplus-1.3/src/nisplus-rpc.c:161:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-rpc.c:315:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12 + 3 * sizeof (number) + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-service.c:83:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
serv->s_port = htons (atoi (NISENTRYVAL (0, 3, result)));
data/libnss-nisplus-1.3/src/nisplus-service.c:161:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);
data/libnss-nisplus-1.3/src/nisplus-service.c:314:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + protocol_len + 17 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-service.c:415:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[17 + 3 * sizeof (int) + strlen (protocol) + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-spwd.c:179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen (name) + 9 + pwd_tablename_len];
data/libnss-nisplus-1.3/src/nss-nisplus.h:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/libnss-nisplus-1.3/src/nss_loader-test.c:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwdbuffer[2048];
data/libnss-nisplus-1.3/src/nisplus-alias.c:48:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-alias.c:114:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (alias->alias_name) + 1;
data/libnss-nisplus-1.3/src/nisplus-alias.c:297:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 9 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-ethers.c:102:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-ethers.c:259:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 9 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-grp.c:51:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-grp.c:69:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
grp_tablename_len = strlen (grp_tablename_val);
data/libnss-nisplus-1.3/src/nisplus-grp.c:299:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 9 + grp_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-hosts.c:181:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-hosts.c:378:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-hosts.c:402:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = strlen (name) + 10 + tablename_len;
data/libnss-nisplus-1.3/src/nisplus-initgroups.c:55:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (user) + 12 + grp_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-netgrp.c:60:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buffer, NISENTRYVAL (result->position, 1,
data/libnss-nisplus-1.3/src/nisplus-netgrp.c:152:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (group) + 25];
data/libnss-nisplus-1.3/src/nisplus-network.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-network.c:74:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-network.c:148:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-network.c:332:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-network.c:359:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = strlen (entryval) + 10 + tablename_len;
data/libnss-nisplus-1.3/src/nisplus-network.c:434:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t b2len = strlen (buf2);
data/libnss-nisplus-1.3/src/nisplus-parser.c:64:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (0, obj), NISOBJLEN (0, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:66:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:76:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (1, obj), NISOBJLEN (1, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:79:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:90:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, numstr, len);
data/libnss-nisplus-1.3/src/nisplus-parser.c:106:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, numstr, len);
data/libnss-nisplus-1.3/src/nisplus-parser.c:118:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (4, obj), NISOBJLEN (4, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:121:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:128:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (5, obj), NISOBJLEN (5, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:131:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:138:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (6, obj), NISOBJLEN (6, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:141:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:174:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (0, obj), NISOBJLEN (0, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:176:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:186:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (1, obj), NISOBJLEN (1, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:189:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:200:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, numstr, len);
data/libnss-nisplus-1.3/src/nisplus-parser.c:212:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISOBJVAL (3, obj), NISOBJLEN (3, obj));
data/libnss-nisplus-1.3/src/nisplus-parser.c:215:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (line);
data/libnss-nisplus-1.3/src/nisplus-parser.c:292:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-parser.c:295:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-parser.c:305:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 1, result),
data/libnss-nisplus-1.3/src/nisplus-parser.c:309:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused);
data/libnss-nisplus-1.3/src/nisplus-proto.c:68:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-proto.c:72:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-proto.c:143:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-proto.c:306:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-proto.c:332:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = strlen (entryval) + 10 + tablename_len;
data/libnss-nisplus-1.3/src/nisplus-publickey.c:332:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (principal, ENTRY_VAL (NIS_RES_OBJECT (res), 0), len);
data/libnss-nisplus-1.3/src/nisplus-publickey.c:344:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (principal) + strlen (domain) + 45 > (size_t) NIS_MAXNAMELEN)
data/libnss-nisplus-1.3/src/nisplus-publickey.c:344:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (principal) + strlen (domain) + 45 > (size_t) NIS_MAXNAMELEN)
data/libnss-nisplus-1.3/src/nisplus-pwd.c:50:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-pwd.c:68:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pwd_tablename_len = strlen (pwd_tablename_val);
data/libnss-nisplus-1.3/src/nisplus-pwd.c:300:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 9 + pwd_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:75:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-rpc.c:79:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-rpc.c:151:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-rpc.c:315:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = strlen (entryval) + 10 + tablename_len;
data/libnss-nisplus-1.3/src/nisplus-service.c:65:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-service.c:69:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-service.c:75:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (first_unused, NISENTRYVAL (0, 2, result),
data/libnss-nisplus-1.3/src/nisplus-service.c:79:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-service.c:151:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-service.c:313:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t protocol_len = strlen (protocol);
data/libnss-nisplus-1.3/src/nisplus-service.c:314:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + protocol_len + 17 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-service.c:343:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = (strlen (entryval) + protocol_len + 17
data/libnss-nisplus-1.3/src/nisplus-service.c:415:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[17 + 3 * sizeof (int) + strlen (protocol) + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-spwd.c:179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen (name) + 9 + pwd_tablename_len];
ANALYSIS SUMMARY:
Hits = 123
Lines analyzed = 5658 in approximately 0.14 seconds (39801 lines/second)
Physical Source Lines of Code (SLOC) = 4110
Hits@level = [0] 47 [1] 69 [2] 52 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 170 [1+] 123 [2+] 54 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 41.3625 [1+] 29.927 [2+] 13.1387 [3+] 0.486618 [4+] 0.486618 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.