Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libosip2-4.1.0/src/osipparser2/osip_list.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_error_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authenticate.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_header.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authentication_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_mime_version.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_allow.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_call_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_type.c
Examining data/libosip2-4.1.0/src/osipparser2/parser.h
Examining data/libosip2-4.1.0/src/osipparser2/osip_from.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_md5c.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_disposition.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept_language.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_call_id.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_authorization.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_uri.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_cseq.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_contact.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_encoding.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_alert_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_route.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_record_route.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_to.c
Examining data/libosip2-4.1.0/src/osipparser2/sdp_message.c
Examining data/libosip2-4.1.0/src/osipparser2/sdp_accessor.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authorization.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_length.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_via.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_parser_cfg.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_port.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_body.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c
Examining data/libosip2-4.1.0/src/osip2/ist_fsm.c
Examining data/libosip2-4.1.0/src/osip2/nict.c
Examining data/libosip2-4.1.0/src/osip2/osip_event.c
Examining data/libosip2-4.1.0/src/osip2/ict_fsm.c
Examining data/libosip2-4.1.0/src/osip2/fsm.h
Examining data/libosip2-4.1.0/src/osip2/port_condv.c
Examining data/libosip2-4.1.0/src/osip2/port_thread.c
Examining data/libosip2-4.1.0/src/osip2/osip_transaction.c
Examining data/libosip2-4.1.0/src/osip2/ist.c
Examining data/libosip2-4.1.0/src/osip2/fsm_misc.c
Examining data/libosip2-4.1.0/src/osip2/osip_time.c
Examining data/libosip2-4.1.0/src/osip2/nist.c
Examining data/libosip2-4.1.0/src/osip2/ict.c
Examining data/libosip2-4.1.0/src/osip2/nict_fsm.c
Examining data/libosip2-4.1.0/src/osip2/port_fifo.c
Examining data/libosip2-4.1.0/src/osip2/xixt.h
Examining data/libosip2-4.1.0/src/osip2/osip.c
Examining data/libosip2-4.1.0/src/osip2/osip_dialog.c
Examining data/libosip2-4.1.0/src/osip2/nist_fsm.c
Examining data/libosip2-4.1.0/src/osip2/port_sema.c
Examining data/libosip2-4.1.0/src/test/torture.c
Examining data/libosip2-4.1.0/src/test/tvia.c
Examining data/libosip2-4.1.0/src/test/troute.c
Examining data/libosip2-4.1.0/src/test/tcallid.c
Examining data/libosip2-4.1.0/src/test/tfrom.c
Examining data/libosip2-4.1.0/src/test/trecordr.c
Examining data/libosip2-4.1.0/src/test/twwwa.c
Examining data/libosip2-4.1.0/src/test/turls.c
Examining data/libosip2-4.1.0/src/test/tcontentt.c
Examining data/libosip2-4.1.0/src/test/tto.c
Examining data/libosip2-4.1.0/src/test/tcontact.c
Examining data/libosip2-4.1.0/include/osipparser2/osip_message.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_md5.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_const.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_uri.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_port.h
Examining data/libosip2-4.1.0/include/osipparser2/internal.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_disposition.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_allow.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_call_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_from.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_www_authenticate.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_to.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authorization.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept_language.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_record_route.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_encoding.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept_encoding.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_length.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_mime_version.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_authorization.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_via.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authentication_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_route.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_call_id.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_cseq.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_contact.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_alert_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_header.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_type.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_error_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authenticate.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_authentication_info.h
Examining data/libosip2-4.1.0/include/osipparser2/sdp_message.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_body.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_parser.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_headers.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_list.h
Examining data/libosip2-4.1.0/include/osip2/osip_time.h
Examining data/libosip2-4.1.0/include/osip2/osip_condv.h
Examining data/libosip2-4.1.0/include/osip2/osip_dialog.h
Examining data/libosip2-4.1.0/include/osip2/osip.h
Examining data/libosip2-4.1.0/include/osip2/internal.h
Examining data/libosip2-4.1.0/include/osip2/osip_mt.h
Examining data/libosip2-4.1.0/include/osip2/osip_fifo.h

FINAL RESULTS:

data/libosip2-4.1.0/include/osip2/internal.h:48:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:48:19: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:58:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:58:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:105:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:48:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:48:19: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:58:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:58:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:116:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/osip_port.h:43:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/osip_port.h:44:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define vsnprintf osip_vsnprintf
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:106:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s/%s", accept->type, accept->subtype);
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:125:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s", accept_encoding->element);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:141:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (*dest, "%s", callid->number);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:147:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (*dest, "%s@%s", callid->number, callid->host);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:133:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s", call_info->element);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:150:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s", u_param->gname);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:152:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s=%s", u_param->gname, u_param->gvalue);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:163:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s/%s", content_type->type, content_type->subtype);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:276:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s <%s>", from->displayname, url);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:281:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "<%s>", url);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:781:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sep_boundary, boundary_prefix);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:68:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tmp, sip_version);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:106:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tmp, sip->reason_phrase);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1059:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf (buffer + in, MAX_LENGTH_TR - 1 - in, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1081:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf (f, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1112:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf (buffer + in, MAX_LENGTH_TR - 1 - in, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1297:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf (&(buffer[strlen (buffer)]), fmt, ap);
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:117:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s <%s>", record_route->displayname, url);
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:119:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "<%s>", url);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:533:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s:", scheme);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:535:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "%s", url->string);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:552:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s:", scheme);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:563:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s", tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:575:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ":%s", tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:584:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "[%s]", url->host);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:588:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s", url->host);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:592:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ":%s", url->port);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:635:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s", tmp1);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:637:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s=%s", tmp1, tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:300:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "SIP/%s/%s [%s]", via->version, via->protocol, via->host);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:302:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "SIP/%s/%s [%s]:%s", via->version, via->protocol, via->host, via->port);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:306:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "SIP/%s/%s %s", via->version, via->protocol, via->host);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:308:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buf, "SIP/%s/%s %s:%s", via->version, via->protocol, via->host, via->port);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:329:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s", u_param->gname);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:331:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, ";%s=%s", u_param->gname, u_param->gvalue);
data/libosip2-4.1.0/src/osip2/port_sema.c:531:3: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection (&mut->h);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:234:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (tv.tv_usec);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:274:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (ticks);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:280:21: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int val = (int) lrand48 ();
data/libosip2-4.1.0/src/osipparser2/osip_port.c:289:29: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return (unsigned int) lrand48 ();
data/libosip2-4.1.0/src/osipparser2/osip_port.c:314:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (ticks);
data/libosip2-4.1.0/include/osip2/osip.h:281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srv[512]; /**< srv */
data/libosip2-4.1.0/include/osip2/osip.h:286:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ipaddress[512]; /**< ipaddress result */
data/libosip2-4.1.0/include/osip2/osip.h:305:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[512]; /**< name */
data/libosip2-4.1.0/include/osip2/osip.h:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char protocol[64]; /**< transport protocol*/
data/libosip2-4.1.0/include/osip2/osip.h:333:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char domain[512]; /**< domain */
data/libosip2-4.1.0/include/osipparser2/osip_md5.h:70:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[64]; /* input buffer */
data/libosip2-4.1.0/include/osipparser2/osip_port.h:173:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define osip_atoi atoi
data/libosip2-4.1.0/src/osip2/ict_fsm.c:276:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (ack->sip_method, "ACK");
data/libosip2-4.1.0/src/osip2/osip_transaction.c:404:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&transaction->record, record, sizeof (osip_srv_record_t));
data/libosip2-4.1.0/src/osipparser2/osip_body.c:95:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (copy->body, body->body, body->length);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (body->body, start_of_body, length);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:333:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (body->body, start_of_osip_body_header, end_of_osip_body_header - start_of_osip_body_header);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:438:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp_body, body->body, body->length);
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:65:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char PADDING[64] = {
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:165:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  osip_MD5Final (unsigned char digest[16], /* message digest */
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:169:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bits[8];
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:195:45: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  osip_MD5Transform (UINT4 state[4], unsigned char block[64])
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:331:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) output)[i] = (char) value;
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:728:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[16];
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:735:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tmp, "%i", (int) osip_body_len);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:753:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, start_of_body, end_of_body - start_of_body);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:832:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, start_of_body, body_len);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:871:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, buf, length); /* may contain binary data */
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:79:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_code[5];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:91:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (status_code, "%u", sip->status_code);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:351:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (*dest, sip->message, sip->message_length);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:395:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header_name[30];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:468:157: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  i = strcat_simple_header (dest, &malloc_size, &message, table[pos].header_data, table[pos].header_name, table[pos].header_length, ((int (*)(void *, char **))
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:470:162: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  i = strcat_headers_one_per_line (dest, &malloc_size, &message, table[pos].header_list, table[pos].header_name, table[pos].header_length, ((int (*)(void *, char **))
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:662:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (message, tmp, body_length);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:690:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp2[15];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:702:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (sip->message, *dest, total_length);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:258:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open ("/dev/urandom", O_RDONLY);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:376:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi (number);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1038:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_LENGTH_TR];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1091:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_LENGTH_TR];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_LENGTH_TR]; data/libosip2-4.1.0/src/osipparser2/osip_port.c:1164:14: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). size = MultiByteToWideChar (CP_UTF8, 0, buffer, -1, wUnicode, MAX_LENGTH_TR * 2); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1245:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (ctx->str + ctx->len, buffer, nc); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1291:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/libosip2-4.1.0/src/osipparser2/osip_port.c:1326:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (mem, &line, 2); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1356:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (mem, &line, 2); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:939:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (&ns[index], "%%%02X", in); data/libosip2-4.1.0/src/test/tcallid.c:40:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). callids_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/tcontact.c:41:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). contacts_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/tcontentt.c:41:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). content_types_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/tfrom.c:41:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). froms_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/torture.c:120:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). torture_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/torture.c:133:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
msg = read_text (atoi (argv[2]), torture_file); data/libosip2-4.1.0/src/test/trecordr.c:42:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). record_routes_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/troute.c:42:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). routes_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/tto.c:41:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tos_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/turls.c:43:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). urls_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/tvia.c:42:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
vias_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/test/twwwa.c:42:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). wwwauthenticates_file = fopen (argv[1], "r"); data/libosip2-4.1.0/src/osip2/osip_transaction.c:692:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length_br = strlen (b_origrequest->gvalue); data/libosip2-4.1.0/src/osip2/osip_transaction.c:693:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length_br2 = strlen (b_request->gvalue); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:81:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen (accept->type); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:84:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen (accept->subtype); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:108:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:115:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
sprintf (tmp, " "); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:127:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_len = strlen (buf) + 4 + strlen (u_param->gname) data/libosip2-4.1.0/src/osipparser2/osip_accept.c:127:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_len = strlen (buf) + 4 + strlen (u_param->gname) data/libosip2-4.1.0/src/osipparser2/osip_accept.c:128:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (u_param->gvalue) + 1; data/libosip2-4.1.0/src/osipparser2/osip_accept.c:132:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = buf + strlen (buf); data/libosip2-4.1.0/src/osipparser2/osip_accept.c:135:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:94:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_accept_encoding_params = hvalue + strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:120:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen (accept_encoding->element) + 2; data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:135:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + 2; data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:137:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:137:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:141:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:144:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (space) < 1) data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:264:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (ainfo->nextnonce) + 11; data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:266:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = len + strlen (ainfo->rspauth) + 10; data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:268:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (ainfo->cnonce) + 9; data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:270:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (ainfo->nonce_count) + 5; data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:272:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (ainfo->qop_options) + 6; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:216:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (space) < 1) data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:427:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (auth->auth_type) + 1; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:429:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + 10 + strlen (auth->username); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:431:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = len + 8 + strlen (auth->realm); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:433:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + 8 + strlen (auth->nonce); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:435:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + 6 + strlen (auth->uri); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:437:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + 11 + strlen (auth->response); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:440:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (auth->digest) + 9; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:442:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (auth->algorithm) + 12; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:444:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (auth->cnonce) + 9; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:446:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = len + 9 + strlen (auth->opaque); data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:448:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (auth->nonce_count) + 5; data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:450:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (auth->message_qop) + 6; data/libosip2-4.1.0/src/osipparser2/osip_body.c:381:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (length < tmp_body - ptr + strlen (tmp) + 4) { data/libosip2-4.1.0/src/osipparser2/osip_body.c:385:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = length + strlen (tmp) + 4; data/libosip2-4.1.0/src/osipparser2/osip_body.c:405:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (length < tmp_body - ptr + strlen (tmp) + 4) { data/libosip2-4.1.0/src/osipparser2/osip_body.c:409:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = length + strlen (tmp) + 4; data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:105:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
end = hvalue + strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:138:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *dest = (char *) osip_malloc (strlen (callid->number) + 1); data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:144:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *dest = (char *) osip_malloc (strlen (callid->number) + strlen (callid->host) + 2); data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:144:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *dest = (char *) osip_malloc (strlen (callid->number) + strlen (callid->host) + 2); data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:100:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_call_info_params = hvalue + strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:127:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (call_info->element) + 2; data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:142:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + 2; data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:144:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:144:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:148:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_content_disposition.c:43:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cd_params = hvalue + strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_content_length.c:71:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:119:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_content_type_params = subtype + strlen (subtype); data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:155:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (content_type->type) + strlen (content_type->subtype) + 4 /* for '/', ' ', ';' and '\0' */ data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:155:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen (content_type->type) + strlen (content_type->subtype) + 4 /* for '/', ' ', ';' and '\0' */ data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:165:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:172:7: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf (tmp, " "); data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:184:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_len = strlen (buf) + 4 + strlen (u_param->gname) data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:184:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_len = strlen (buf) + 4 + strlen (u_param->gname) data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:185:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (u_param->gvalue) + 1; data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:189:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = buf + strlen (buf); data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:192:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:84:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = hvalue + strlen (hvalue); data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:149:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (cseq->method) + strlen (cseq->number) + 2; data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:149:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (cseq->method) + strlen (cseq->number) + 2; data/libosip2-4.1.0/src/osipparser2/osip_from.c:208:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). url_end = url + strlen (url); data/libosip2-4.1.0/src/osipparser2/osip_from.c:265:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (url) + 5; data/libosip2-4.1.0/src/osipparser2/osip_from.c:267:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (url) + strlen (from->displayname) + 5; data/libosip2-4.1.0/src/osipparser2/osip_from.c:267:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen (url) + strlen (from->displayname) + 5; data/libosip2-4.1.0/src/osipparser2/osip_from.c:294:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + 2; data/libosip2-4.1.0/src/osipparser2/osip_from.c:296:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_from.c:296:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_from.c:300:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_from.c:474:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. const char *equal; data/libosip2-4.1.0/src/osipparser2/osip_from.c:497:21: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (comma - equal < 2) data/libosip2-4.1.0/src/osipparser2/osip_from.c:499:48: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. pvalue = (char *) osip_malloc (comma - equal); data/libosip2-4.1.0/src/osipparser2/osip_from.c:530:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). comma = params + strlen (params); data/libosip2-4.1.0/src/osipparser2/osip_from.c:549:19: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (comma - equal < 2) data/libosip2-4.1.0/src/osipparser2/osip_from.c:551:46: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. pvalue = (char *) osip_malloc (comma - equal); data/libosip2-4.1.0/src/osipparser2/osip_header.c:45:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
h->hname = (char *) osip_malloc (strlen (hname) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:51:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_clrncpy (h->hname, hname, strlen (hname)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:54:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:59:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_clrncpy (h->hvalue, hvalue, strlen (hvalue)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:88:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). h->hname = (char *) osip_malloc (strlen (hname) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:94:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_clrncpy (h->hname, hname, strlen (hname)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:97:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:102:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
osip_clrncpy (h->hvalue, hvalue, strlen (hvalue)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:137:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). h->hname = (char *) osip_malloc (strlen (hname) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:143:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_clrncpy (h->hname, hname, strlen (hname)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:146:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1); data/libosip2-4.1.0/src/osipparser2/osip_header.c:151:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_clrncpy (h->hvalue, hvalue, strlen (hvalue)); data/libosip2-4.1.0/src/osipparser2/osip_header.c:238:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen (header->hname); data/libosip2-4.1.0/src/osipparser2/osip_header.c:240:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (header->hvalue); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:266:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
const char *ptr = buf + strlen (buf); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:450:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hname_len = strlen (hname); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:541:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (beg) < 2) data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:575:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (beg) < 2) data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:734:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_body_len = strlen (start_of_body); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:776:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen (ct_param->gvalue); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:783:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (sep_boundary, ct_param->gvalue + 1, len - 2); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:785:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. 
strncat (sep_boundary, ct_param->gvalue, len); data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:788:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len_sep_boundary = strlen (sep_boundary); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:54:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *dest = (char *) osip_malloc (strlen (sip->sip_method) data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:55:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (rquri) + strlen (sip_version) + 3); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:55:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (rquri) + strlen (sip_version) + 3); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:93:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *dest = (char *) osip_malloc (strlen (sip_version) data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:94:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + 3 + strlen (sip->reason_phrase) + 4); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:191:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (*malloc_size < message - string + strlen (tmp) + 100) { data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:194:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *malloc_size = message - string + strlen (tmp) + 100; data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:257:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). message = message + strlen (message); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:259:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (*malloc_size < message - string + strlen (tmp) + 100) { data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:262:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *malloc_size = message - string + strlen (tmp) + 100; data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:381:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t message_len = strlen(tmp); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:496:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). header_len = strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:592:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t len = strlen (ct_param->gvalue); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2)); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2)); data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2)); data/libosip2-4.1.0/src/osipparser2/osip_port.c:264:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read (fd, &r, sizeof (r)); data/libosip2-4.1.0/src/osipparser2/osip_port.c:338:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (dest, src, length); data/libosip2-4.1.0/src/osipparser2/osip_port.c:353:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (ch); data/libosip2-4.1.0/src/osipparser2/osip_port.c:450:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char *copy = (char *) osip_malloc (strlen (ch) + 1); data/libosip2-4.1.0/src/osipparser2/osip_port.c:457:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (copy, ch + 1, strlen (ch + 1)); data/libosip2-4.1.0/src/osipparser2/osip_port.c:458:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (copy + strlen (copy) - 1, "\0", 1); data/libosip2-4.1.0/src/osipparser2/osip_port.c:461:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (copy, ch, strlen (ch)); data/libosip2-4.1.0/src/osipparser2/osip_port.c:474:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen (word); data/libosip2-4.1.0/src/osipparser2/osip_port.c:534:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (needle); data/libosip2-4.1.0/src/osipparser2/osip_port.c:560:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (word); data/libosip2-4.1.0/src/osipparser2/osip_port.c:727:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
t = rtn = osip_malloc (strlen (s) * 2 + 3); data/libosip2-4.1.0/src/osipparser2/osip_port.c:762:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (s); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1297:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsprintf (&(buffer[strlen (buffer)]), fmt, ap); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1299:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retval = strlen (buffer); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1327:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (s = file + strlen (file); s != file; s--) { data/libosip2-4.1.0/src/osipparser2/osip_port.c:1333:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy ((char *) mem + 2, s, 18); data/libosip2-4.1.0/src/osipparser2/osip_port.c:1358:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (s = file + strlen (file); s != file; s--) { data/libosip2-4.1.0/src/osipparser2/osip_port.c:1364:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy ((char *) mem + 2, s, 18); data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:105:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (url) + 5; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:107:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (url) + strlen (record_route->displayname) + 5; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:107:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (url) + strlen (record_route->displayname) + 5; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:132:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + 2; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:134:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:134:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:138:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:127:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (url->scheme) < 3 || (0 != osip_strncasecmp (url->scheme, "sip", 3) data/libosip2-4.1.0/src/osipparser2/osip_uri.c:129:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t i = strlen (tmp + 1); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:193:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headers = buf + strlen (buf); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:343:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:365:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (and - equal < 2) { data/libosip2-4.1.0/src/osipparser2/osip_uri.c:369:44: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. hvalue = (char *) osip_malloc (and - equal); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:378:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (headers + strlen (headers) - equal + 1 < 2) { data/libosip2-4.1.0/src/osipparser2/osip_uri.c:382:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hvalue = (char *) osip_malloc (headers + strlen (headers) - equal + 1); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:387:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (hvalue, equal + 1, headers + strlen (headers) - equal); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:387:69: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. osip_strncpy (hvalue, equal + 1, headers + strlen (headers) - equal); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:409:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
while (equal != NULL); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:421:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. const char *equal; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:435:19: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (comma - equal < 2) data/libosip2-4.1.0/src/osipparser2/osip_uri.c:437:46: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. pvalue = (char *) osip_malloc (comma - equal); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:469:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). comma = params + strlen (params); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:476:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (comma - equal < 2) data/libosip2-4.1.0/src/osipparser2/osip_uri.c:478:44: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. pvalue = (char *) osip_malloc (comma - equal); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:529:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = (char *) osip_malloc (strlen (scheme) + strlen (url->string) + 3); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:529:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = (char *) osip_malloc (strlen (scheme) + strlen (url->string) + 3); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:534:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = buf + strlen (scheme) + 1; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:539:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (scheme) + 1 + strlen (url->host) + 5; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:539:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen (scheme) + 1 + strlen (url->host) + 5; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:541:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + (strlen (url->username) * 3) + 1; /* count escaped char */ data/libosip2-4.1.0/src/osipparser2/osip_uri.c:543:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + (strlen (url->password) * 3) + 1; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:545:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (url->port) + 3; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:553:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:565:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:577:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:580:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
sprintf (tmp, "@"); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:585:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:589:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:593:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:613:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (tmp1) + 2; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:621:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (tmp1) + strlen (tmp2) + 3; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:621:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (tmp1) + strlen (tmp2) + 3; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:633:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:669:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
plen = strlen (tmp1) + strlen (tmp2) + 4; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:669:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (tmp1) + strlen (tmp2) + 4; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:681:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:840:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pname_len = strlen (pname); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:847:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (u_param->gname); data/libosip2-4.1.0/src/osipparser2/osip_uri.c:848:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pname_len == len && osip_strncasecmp (u_param->gname, pname, strlen (pname)) == 0) { data/libosip2-4.1.0/src/osipparser2/osip_uri.c:899:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t alloc = strlen (string) + 1; data/libosip2-4.1.0/src/osipparser2/osip_uri.c:985:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t alloc = strlen (string) + 1; data/libosip2-4.1.0/src/osipparser2/osip_via.c:163:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (host) == 1) data/libosip2-4.1.0/src/osipparser2/osip_via.c:198:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). comment = host + strlen (host); data/libosip2-4.1.0/src/osipparser2/osip_via.c:289:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (via->version) + 1 + strlen (via->protocol) + 1 + 3 + 2; /* sip/xxx/xxx */ data/libosip2-4.1.0/src/osipparser2/osip_via.c:289:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (via->version) + 1 + strlen (via->protocol) + 1 + 3 + 2; /* sip/xxx/xxx */ data/libosip2-4.1.0/src/osipparser2/osip_via.c:290:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (via->host) + 3 + 1; data/libosip2-4.1.0/src/osipparser2/osip_via.c:292:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (via->port) + 2; data/libosip2-4.1.0/src/osipparser2/osip_via.c:321:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
plen = strlen (u_param->gname) + 2; data/libosip2-4.1.0/src/osipparser2/osip_via.c:323:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_via.c:323:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3; data/libosip2-4.1.0/src/osipparser2/osip_via.c:327:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_via.c:337:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (via->comment) + 4; data/libosip2-4.1.0/src/osipparser2/osip_via.c:340:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = tmp + strlen (tmp); data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:78:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (str) <= strlen (name)) data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:78:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen (str) <= strlen (name)) data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:80:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (osip_strncasecmp (name, str, strlen (name)) == 0) { data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:91:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((size_t) (hack - str) != strlen (name)) { data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:171:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (str) < 6) data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:180:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (osip_strncasecmp (name, str, strlen (name)) == 0) { data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:185:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = str + strlen (str); /* This is the end of the header */ data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:317:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (space) < 1) data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:473:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen (wwwa->auth_type) + 1; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:476:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->realm) + 7; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:478:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->nonce) + 8; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:481:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->domain) + 9; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:483:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->opaque) + 9; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:485:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->stale) + 8; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:487:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen (wwwa->algorithm) + 12; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:489:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = len + strlen (wwwa->qop_options) + 6; data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:529:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (wwwa->auth_type); data/libosip2-4.1.0/src/osipparser2/sdp_message.c:326:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int length = (int) strlen (string_osip_to_append); data/libosip2-4.1.0/src/osipparser2/sdp_message.c:337:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return cur + strlen (cur); data/libosip2-4.1.0/src/osipparser2/sdp_message.c:343:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:349:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:349:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:358:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'v') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:384:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:393:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:393:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:399:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). 
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'o') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:475:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:481:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:481:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:487:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (equal[-1] != 's') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:529:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:537:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:537:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:543:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'i') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:587:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:593:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:593:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:599:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'u') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:628:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:635:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). 
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:635:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:641:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'e') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:672:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:679:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:679:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:685:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'p') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:716:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:726:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:726:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:732:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'c') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:844:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:854:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:854:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:860:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). 
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'b') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:918:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:928:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:928:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:934:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (equal[-1] != 't') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:981:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:990:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:990:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:996:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'r') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1032:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1039:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1039:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1045:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'z') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1075:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1086:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). 
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1086:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1092:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'k') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1165:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1176:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1176:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1182:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'a') data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1256:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. char *equal; data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1268:12: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1268:31: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. while ((*equal != '=') && (*equal != '\0')) data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1274:7: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal[-1] != 'm') data/libosip2-4.1.0/src/test/tcallid.c:53:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy (a_callid + strlen (a_callid) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tcallid.c:53:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_callid + strlen (a_callid) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tcontact.c:54:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy (a_contact + strlen (a_contact) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tcontact.c:54:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_contact + strlen (a_contact) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tcontentt.c:54:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. 
strncpy (a_content_type + strlen (a_content_type) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tcontentt.c:54:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_content_type + strlen (a_content_type) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tfrom.c:54:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy (a_from + strlen (a_from) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tfrom.c:54:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_from + strlen (a_from) - 1, "\0", 1); data/libosip2-4.1.0/src/test/torture.c:83:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (tmpmsg, tmp, strlen (tmp)); data/libosip2-4.1.0/src/test/torture.c:84:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmpmsg = tmpmsg + strlen (tmp); data/libosip2-4.1.0/src/test/torture.c:136:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (msg); data/libosip2-4.1.0/src/test/trecordr.c:55:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. 
strncpy (a_record_route + strlen (a_record_route) - 1, "\0", 1); data/libosip2-4.1.0/src/test/trecordr.c:55:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_record_route + strlen (a_record_route) - 1, "\0", 1); data/libosip2-4.1.0/src/test/troute.c:55:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy (a_route + strlen (a_route) - 1, "\0", 1); data/libosip2-4.1.0/src/test/troute.c:55:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_route + strlen (a_route) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tto.c:54:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. strncpy (a_to + strlen (a_to) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tto.c:54:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy (a_to + strlen (a_to) - 1, "\0", 1); data/libosip2-4.1.0/src/test/turls.c:55:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). osip_strncpy (a_url + strlen (a_url) - 1, "\0", 1); data/libosip2-4.1.0/src/test/tvia.c:55:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
osip_strncpy (a_via + strlen (a_via) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/twwwa.c:55:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character.
strncpy (a_wwwauthenticate + strlen (a_wwwauthenticate) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/twwwa.c:55:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_wwwauthenticate + strlen (a_wwwauthenticate) - 1, "\0", 1);

ANALYSIS SUMMARY:

Hits = 407
Lines analyzed = 32762 in approximately 0.96 seconds (34256 lines/second)
Physical Source Lines of Code (SLOC) = 20434
Hits@level = [0] 156 [1] 299 [2] 55 [3] 6 [4] 47 [5] 0
Hits@level+ = [0+] 563 [1+] 407 [2+] 108 [3+] 53 [4+] 47 [5+] 0
Hits/KSLOC@level+ = [0+] 27.5521 [1+] 19.9178 [2+] 5.28531 [3+] 2.59372 [4+] 2.30009 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.