Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libosip2-4.1.0/src/osipparser2/osip_list.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_error_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authenticate.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_header.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authentication_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_mime_version.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_allow.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_call_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_type.c
Examining data/libosip2-4.1.0/src/osipparser2/parser.h
Examining data/libosip2-4.1.0/src/osipparser2/osip_from.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_md5c.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_disposition.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept_language.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_call_id.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_authorization.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_uri.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_cseq.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_contact.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_encoding.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_accept.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_alert_info.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_route.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_record_route.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_to.c
Examining data/libosip2-4.1.0/src/osipparser2/sdp_message.c
Examining data/libosip2-4.1.0/src/osipparser2/sdp_accessor.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_proxy_authorization.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_content_length.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_via.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_parser_cfg.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_port.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_body.c
Examining data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c
Examining data/libosip2-4.1.0/src/osip2/ist_fsm.c
Examining data/libosip2-4.1.0/src/osip2/nict.c
Examining data/libosip2-4.1.0/src/osip2/osip_event.c
Examining data/libosip2-4.1.0/src/osip2/ict_fsm.c
Examining data/libosip2-4.1.0/src/osip2/fsm.h
Examining data/libosip2-4.1.0/src/osip2/port_condv.c
Examining data/libosip2-4.1.0/src/osip2/port_thread.c
Examining data/libosip2-4.1.0/src/osip2/osip_transaction.c
Examining data/libosip2-4.1.0/src/osip2/ist.c
Examining data/libosip2-4.1.0/src/osip2/fsm_misc.c
Examining data/libosip2-4.1.0/src/osip2/osip_time.c
Examining data/libosip2-4.1.0/src/osip2/nist.c
Examining data/libosip2-4.1.0/src/osip2/ict.c
Examining data/libosip2-4.1.0/src/osip2/nict_fsm.c
Examining data/libosip2-4.1.0/src/osip2/port_fifo.c
Examining data/libosip2-4.1.0/src/osip2/xixt.h
Examining data/libosip2-4.1.0/src/osip2/osip.c
Examining data/libosip2-4.1.0/src/osip2/osip_dialog.c
Examining data/libosip2-4.1.0/src/osip2/nist_fsm.c
Examining data/libosip2-4.1.0/src/osip2/port_sema.c
Examining data/libosip2-4.1.0/src/test/torture.c
Examining data/libosip2-4.1.0/src/test/tvia.c
Examining data/libosip2-4.1.0/src/test/troute.c
Examining data/libosip2-4.1.0/src/test/tcallid.c
Examining data/libosip2-4.1.0/src/test/tfrom.c
Examining data/libosip2-4.1.0/src/test/trecordr.c
Examining data/libosip2-4.1.0/src/test/twwwa.c
Examining data/libosip2-4.1.0/src/test/turls.c
Examining data/libosip2-4.1.0/src/test/tcontentt.c
Examining data/libosip2-4.1.0/src/test/tto.c
Examining data/libosip2-4.1.0/src/test/tcontact.c
Examining data/libosip2-4.1.0/include/osipparser2/osip_message.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_md5.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_const.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_uri.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_port.h
Examining data/libosip2-4.1.0/include/osipparser2/internal.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_disposition.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_allow.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_call_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_from.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_www_authenticate.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_to.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authorization.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept_language.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_record_route.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_encoding.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_accept_encoding.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_length.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_mime_version.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_authorization.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_via.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authentication_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_route.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_call_id.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_cseq.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_contact.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_alert_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_header.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_content_type.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_error_info.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_proxy_authenticate.h
Examining data/libosip2-4.1.0/include/osipparser2/headers/osip_authentication_info.h
Examining data/libosip2-4.1.0/include/osipparser2/sdp_message.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_body.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_parser.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_headers.h
Examining data/libosip2-4.1.0/include/osipparser2/osip_list.h
Examining data/libosip2-4.1.0/include/osip2/osip_time.h
Examining data/libosip2-4.1.0/include/osip2/osip_condv.h
Examining data/libosip2-4.1.0/include/osip2/osip_dialog.h
Examining data/libosip2-4.1.0/include/osip2/osip.h
Examining data/libosip2-4.1.0/include/osip2/internal.h
Examining data/libosip2-4.1.0/include/osip2/osip_mt.h
Examining data/libosip2-4.1.0/include/osip2/osip_fifo.h
FINAL RESULTS:
data/libosip2-4.1.0/include/osip2/internal.h:48:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:48:19: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:58:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:58:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osip2/internal.h:105:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:48:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:48:19: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:58:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:58:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libosip2-4.1.0/include/osipparser2/internal.h:116:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/osip_port.h:43:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf osip_snprintf
data/libosip2-4.1.0/include/osipparser2/osip_port.h:44:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf osip_vsnprintf
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:106:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "%s/%s", accept->type, accept->subtype);
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:125:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s", accept_encoding->element);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:141:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (*dest, "%s", callid->number);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:147:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (*dest, "%s@%s", callid->number, callid->host);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:133:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s", call_info->element);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:150:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s", u_param->gname);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:152:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s=%s", u_param->gname, u_param->gvalue);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:163:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "%s/%s", content_type->type, content_type->subtype);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:276:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s <%s>", from->displayname, url);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:281:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "<%s>", url);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:781:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sep_boundary, boundary_prefix);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:68:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tmp, sip_version);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:106:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tmp, sip->reason_phrase);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1059:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer + in, MAX_LENGTH_TR - 1 - in, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1081:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (f, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1112:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buffer + in, MAX_LENGTH_TR - 1 - in, chfr, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1297:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf (&(buffer[strlen (buffer)]), fmt, ap);
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:117:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s <%s>", record_route->displayname, url);
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:119:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "<%s>", url);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:533:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s:", scheme);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:535:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "%s", url->string);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:552:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "%s:", scheme);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:563:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "%s", tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:575:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ":%s", tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:584:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "[%s]", url->host);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:588:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, "%s", url->host);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:592:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ":%s", url->port);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:635:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s", tmp1);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:637:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s=%s", tmp1, tmp2);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:300:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "SIP/%s/%s [%s]", via->version, via->protocol, via->host);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:302:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "SIP/%s/%s [%s]:%s", via->version, via->protocol, via->host, via->port);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:306:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "SIP/%s/%s %s", via->version, via->protocol, via->host);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:308:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "SIP/%s/%s %s:%s", via->version, via->protocol, via->host, via->port);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:329:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s", u_param->gname);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:331:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (tmp, ";%s=%s", u_param->gname, u_param->gvalue);
data/libosip2-4.1.0/src/osip2/port_sema.c:531:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection (&mut->h);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:234:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand (tv.tv_usec);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:274:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand (ticks);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:280:21: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int val = (int) lrand48 ();
data/libosip2-4.1.0/src/osipparser2/osip_port.c:289:29: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return (unsigned int) lrand48 ();
data/libosip2-4.1.0/src/osipparser2/osip_port.c:314:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand (ticks);
data/libosip2-4.1.0/include/osip2/osip.h:281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srv[512]; /**< srv */
data/libosip2-4.1.0/include/osip2/osip.h:286:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddress[512]; /**< ipaddress result */
data/libosip2-4.1.0/include/osip2/osip.h:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512]; /**< name */
data/libosip2-4.1.0/include/osip2/osip.h:307:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char protocol[64]; /**< transport protocol*/
data/libosip2-4.1.0/include/osip2/osip.h:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[512]; /**< domain */
data/libosip2-4.1.0/include/osipparser2/osip_md5.h:70:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64]; /* input buffer */
data/libosip2-4.1.0/include/osipparser2/osip_port.h:173:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define osip_atoi atoi
data/libosip2-4.1.0/src/osip2/ict_fsm.c:276:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (ack->sip_method, "ACK");
data/libosip2-4.1.0/src/osip2/osip_transaction.c:404:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&transaction->record, record, sizeof (osip_srv_record_t));
data/libosip2-4.1.0/src/osipparser2/osip_body.c:95:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (copy->body, body->body, body->length);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:289:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (body->body, start_of_body, length);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:333:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (body->body, start_of_osip_body_header, end_of_osip_body_header - start_of_osip_body_header);
data/libosip2-4.1.0/src/osipparser2/osip_body.c:438:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp_body, body->body, body->length);
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:65:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char PADDING[64] = {
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:165:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
osip_MD5Final (unsigned char digest[16], /* message digest */
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:169:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bits[8];
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:195:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
osip_MD5Transform (UINT4 state[4], unsigned char block[64])
data/libosip2-4.1.0/src/osipparser2/osip_md5c.c:331:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *) output)[i] = (char) value;
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:728:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:735:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (tmp, "%i", (int) osip_body_len);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:753:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, start_of_body, end_of_body - start_of_body);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:832:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, start_of_body, body_len);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:871:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tmp, buf, length); /* may contain binary data */
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status_code[5];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:91:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (status_code, "%u", sip->status_code);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:351:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (*dest, sip->message, sip->message_length);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:395:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_name[30];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:468:157: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
i = strcat_simple_header (dest, &malloc_size, &message, table[pos].header_data, table[pos].header_name, table[pos].header_length, ((int (*)(void *, char **))
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:470:162: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
i = strcat_headers_one_per_line (dest, &malloc_size, &message, table[pos].header_list, table[pos].header_name, table[pos].header_length, ((int (*)(void *, char **))
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:662:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (message, tmp, body_length);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp2[15];
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:702:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sip->message, *dest, total_length);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:258:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open ("/dev/urandom", O_RDONLY);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:376:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi (number);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1038:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LENGTH_TR];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1091:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LENGTH_TR];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LENGTH_TR];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1164:14: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
size = MultiByteToWideChar (CP_UTF8, 0, buffer, -1, wUnicode, MAX_LENGTH_TR * 2);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1245:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ctx->str + ctx->len, buffer, nc);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1291:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[1024];
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1326:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (mem, &line, 2);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (mem, &line, 2);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:939:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&ns[index], "%%%02X", in);
data/libosip2-4.1.0/src/test/tcallid.c:40:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
callids_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/tcontact.c:41:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
contacts_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/tcontentt.c:41:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
content_types_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/tfrom.c:41:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
froms_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/torture.c:120:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
torture_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/torture.c:133:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
msg = read_text (atoi (argv[2]), torture_file);
data/libosip2-4.1.0/src/test/trecordr.c:42:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
record_routes_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/troute.c:42:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
routes_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/tto.c:41:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tos_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/turls.c:43:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
urls_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/tvia.c:42:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vias_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/test/twwwa.c:42:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wwwauthenticates_file = fopen (argv[1], "r");
data/libosip2-4.1.0/src/osip2/osip_transaction.c:692:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length_br = strlen (b_origrequest->gvalue);
data/libosip2-4.1.0/src/osip2/osip_transaction.c:693:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length_br2 = strlen (b_request->gvalue);
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:81:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (accept->type);
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:84:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (accept->subtype);
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:108:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:115:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (tmp, " ");
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:127:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_len = strlen (buf) + 4 + strlen (u_param->gname)
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:127:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_len = strlen (buf) + 4 + strlen (u_param->gname)
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:128:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen (u_param->gvalue) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:132:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = buf + strlen (buf);
data/libosip2-4.1.0/src/osipparser2/osip_accept.c:135:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:94:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_accept_encoding_params = hvalue + strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:120:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (accept_encoding->element) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:135:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:137:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:137:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_accept_encoding.c:141:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:144:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (space) < 1)
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:264:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (ainfo->nextnonce) + 11;
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:266:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (ainfo->rspauth) + 10;
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:268:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (ainfo->cnonce) + 9;
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:270:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (ainfo->nonce_count) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_authentication_info.c:272:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (ainfo->qop_options) + 6;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:216:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (space) < 1)
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:427:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (auth->auth_type) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:429:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 10 + strlen (auth->username);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:431:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 8 + strlen (auth->realm);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:433:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 8 + strlen (auth->nonce);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:435:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 6 + strlen (auth->uri);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:437:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 11 + strlen (auth->response);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:440:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (auth->digest) + 9;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:442:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (auth->algorithm) + 12;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:444:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (auth->cnonce) + 9;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:446:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + 9 + strlen (auth->opaque);
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:448:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (auth->nonce_count) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_authorization.c:450:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (auth->message_qop) + 6;
data/libosip2-4.1.0/src/osipparser2/osip_body.c:381:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length < tmp_body - ptr + strlen (tmp) + 4) {
data/libosip2-4.1.0/src/osipparser2/osip_body.c:385:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = length + strlen (tmp) + 4;
data/libosip2-4.1.0/src/osipparser2/osip_body.c:405:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length < tmp_body - ptr + strlen (tmp) + 4) {
data/libosip2-4.1.0/src/osipparser2/osip_body.c:409:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = length + strlen (tmp) + 4;
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:105:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = hvalue + strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:138:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = (char *) osip_malloc (strlen (callid->number) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:144:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = (char *) osip_malloc (strlen (callid->number) + strlen (callid->host) + 2);
data/libosip2-4.1.0/src/osipparser2/osip_call_id.c:144:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = (char *) osip_malloc (strlen (callid->number) + strlen (callid->host) + 2);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:100:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_call_info_params = hvalue + strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:127:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (call_info->element) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:142:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:144:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_call_info.c:148:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_content_disposition.c:43:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd_params = hvalue + strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_content_length.c:71:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:119:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_content_type_params = subtype + strlen (subtype);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:155:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (content_type->type) + strlen (content_type->subtype) + 4 /* for '/', ' ', ';' and '\0' */
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:155:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (content_type->type) + strlen (content_type->subtype) + 4 /* for '/', ' ', ';' and '\0' */
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:165:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:172:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (tmp, " ");
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:184:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_len = strlen (buf) + 4 + strlen (u_param->gname)
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:184:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_len = strlen (buf) + 4 + strlen (u_param->gname)
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:185:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen (u_param->gvalue) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:189:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = buf + strlen (buf);
data/libosip2-4.1.0/src/osipparser2/osip_content_type.c:192:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:84:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = hvalue + strlen (hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:149:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (cseq->method) + strlen (cseq->number) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_cseq.c:149:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (cseq->method) + strlen (cseq->number) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:208:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
url_end = url + strlen (url);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:265:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:267:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + strlen (from->displayname) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:267:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + strlen (from->displayname) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:294:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:296:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:296:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:300:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:474:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
const char *equal;
data/libosip2-4.1.0/src/osipparser2/osip_from.c:497:21: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (comma - equal < 2)
data/libosip2-4.1.0/src/osipparser2/osip_from.c:499:48: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
pvalue = (char *) osip_malloc (comma - equal);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:530:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comma = params + strlen (params);
data/libosip2-4.1.0/src/osipparser2/osip_from.c:549:19: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (comma - equal < 2)
data/libosip2-4.1.0/src/osipparser2/osip_from.c:551:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
pvalue = (char *) osip_malloc (comma - equal);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:45:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hname = (char *) osip_malloc (strlen (hname) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:51:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hname, hname, strlen (hname));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:54:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:59:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hvalue, hvalue, strlen (hvalue));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:88:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hname = (char *) osip_malloc (strlen (hname) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:94:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hname, hname, strlen (hname));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:97:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:102:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hvalue, hvalue, strlen (hvalue));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:137:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hname = (char *) osip_malloc (strlen (hname) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:143:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hname, hname, strlen (hname));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:146:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
h->hvalue = (char *) osip_malloc (strlen (hvalue) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:151:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_clrncpy (h->hvalue, hvalue, strlen (hvalue));
data/libosip2-4.1.0/src/osipparser2/osip_header.c:238:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hlen = strlen (header->hname);
data/libosip2-4.1.0/src/osipparser2/osip_header.c:240:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (header->hvalue);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:266:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *ptr = buf + strlen (buf);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:450:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hname_len = strlen (hname);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:541:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (beg) < 2)
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:575:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (beg) < 2)
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:734:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_body_len = strlen (start_of_body);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:776:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (ct_param->gvalue);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:783:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (sep_boundary, ct_param->gvalue + 1, len - 2);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:785:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (sep_boundary, ct_param->gvalue, len);
data/libosip2-4.1.0/src/osipparser2/osip_message_parse.c:788:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_sep_boundary = strlen (sep_boundary);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:54:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = (char *) osip_malloc (strlen (sip->sip_method)
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:55:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen (rquri) + strlen (sip_version) + 3);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:55:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen (rquri) + strlen (sip_version) + 3);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:93:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*dest = (char *) osip_malloc (strlen (sip_version)
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:94:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 3 + strlen (sip->reason_phrase) + 4);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:191:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*malloc_size < message - string + strlen (tmp) + 100) {
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:194:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*malloc_size = message - string + strlen (tmp) + 100;
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:257:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message = message + strlen (message);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:259:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*malloc_size < message - string + strlen (tmp) + 100) {
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:262:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*malloc_size = message - string + strlen (tmp) + 100;
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:381:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t message_len = strlen(tmp);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:496:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header_len = strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:592:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (ct_param->gvalue);
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2));
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2));
data/libosip2-4.1.0/src/osipparser2/osip_message_to_str.c:695:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (content_length_to_modify + 5 - strlen (tmp2), tmp2, strlen (tmp2));
data/libosip2-4.1.0/src/osipparser2/osip_port.c:264:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read (fd, &r, sizeof (r));
data/libosip2-4.1.0/src/osipparser2/osip_port.c:338:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (dest, src, length);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:353:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen (ch);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:450:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *copy = (char *) osip_malloc (strlen (ch) + 1);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:457:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (copy, ch + 1, strlen (ch + 1));
data/libosip2-4.1.0/src/osipparser2/osip_port.c:458:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (copy + strlen (copy) - 1, "\0", 1);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:461:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (copy, ch, strlen (ch));
data/libosip2-4.1.0/src/osipparser2/osip_port.c:474:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (word);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:534:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (needle);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:560:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (word);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:727:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = rtn = osip_malloc (strlen (s) * 2 + 3);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:762:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (s);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1297:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vsprintf (&(buffer[strlen (buffer)]), fmt, ap);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1299:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = strlen (buffer);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1327:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = file + strlen (file); s != file; s--) {
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1333:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ((char *) mem + 2, s, 18);
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1358:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = file + strlen (file); s != file; s--) {
data/libosip2-4.1.0/src/osipparser2/osip_port.c:1364:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ((char *) mem + 2, s, 18);
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:105:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:107:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + strlen (record_route->displayname) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:107:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (url) + strlen (record_route->displayname) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:132:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:134:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:134:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_record_route.c:138:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:127:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (url->scheme) < 3 || (0 != osip_strncasecmp (url->scheme, "sip", 3)
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:129:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t i = strlen (tmp + 1);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:193:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
headers = buf + strlen (buf);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:343:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:365:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (and - equal < 2) {
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:369:44: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
hvalue = (char *) osip_malloc (and - equal);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:378:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (headers + strlen (headers) - equal + 1 < 2) {
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:382:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hvalue = (char *) osip_malloc (headers + strlen (headers) - equal + 1);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:387:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (hvalue, equal + 1, headers + strlen (headers) - equal);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:387:69: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
osip_strncpy (hvalue, equal + 1, headers + strlen (headers) - equal);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:409:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while (equal != NULL);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:421:15: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
const char *equal;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:435:19: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (comma - equal < 2)
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:437:46: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
pvalue = (char *) osip_malloc (comma - equal);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:469:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comma = params + strlen (params);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:476:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (comma - equal < 2)
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:478:44: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
pvalue = (char *) osip_malloc (comma - equal);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:529:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *) osip_malloc (strlen (scheme) + strlen (url->string) + 3);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:529:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *) osip_malloc (strlen (scheme) + strlen (url->string) + 3);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:534:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = buf + strlen (scheme) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:539:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (scheme) + 1 + strlen (url->host) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:539:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (scheme) + 1 + strlen (url->host) + 5;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:541:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + (strlen (url->username) * 3) + 1; /* count escaped char */
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:543:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + (strlen (url->password) * 3) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:545:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (url->port) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:553:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:565:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:577:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:580:5: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf (tmp, "@");
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:585:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:589:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:593:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:613:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (tmp1) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:621:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (tmp1) + strlen (tmp2) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:621:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (tmp1) + strlen (tmp2) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:633:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:669:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (tmp1) + strlen (tmp2) + 4;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:669:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (tmp1) + strlen (tmp2) + 4;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:681:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:840:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pname_len = strlen (pname);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:847:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (u_param->gname);
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:848:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pname_len == len && osip_strncasecmp (u_param->gname, pname, strlen (pname)) == 0) {
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:899:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alloc = strlen (string) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_uri.c:985:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alloc = strlen (string) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:163:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (host) == 1)
data/libosip2-4.1.0/src/osipparser2/osip_via.c:198:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment = host + strlen (host);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:289:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (via->version) + 1 + strlen (via->protocol) + 1 + 3 + 2; /* sip/xxx/xxx */
data/libosip2-4.1.0/src/osipparser2/osip_via.c:289:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (via->version) + 1 + strlen (via->protocol) + 1 + 3 + 2; /* sip/xxx/xxx */
data/libosip2-4.1.0/src/osipparser2/osip_via.c:290:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (via->host) + 3 + 1;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:292:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (via->port) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:321:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + 2;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:323:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:323:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen (u_param->gname) + strlen (u_param->gvalue) + 3;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:327:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_via.c:337:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (via->comment) + 4;
data/libosip2-4.1.0/src/osipparser2/osip_via.c:340:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = tmp + strlen (tmp);
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:78:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (str) <= strlen (name))
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:78:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (str) <= strlen (name))
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:80:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (osip_strncasecmp (name, str, strlen (name)) == 0) {
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:91:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((size_t) (hack - str) != strlen (name)) {
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:171:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (str) < 6)
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:180:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (osip_strncasecmp (name, str, strlen (name)) == 0) {
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:185:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = str + strlen (str); /* This is the end of the header */
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:317:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (space) < 1)
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:473:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (wwwa->auth_type) + 1;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:476:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->realm) + 7;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:478:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->nonce) + 8;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:481:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->domain) + 9;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:483:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->opaque) + 9;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:485:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->stale) + 8;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:487:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->algorithm) + 12;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:489:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = len + strlen (wwwa->qop_options) + 6;
data/libosip2-4.1.0/src/osipparser2/osip_www_authenticate.c:529:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (wwwa->auth_type);
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:326:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = (int) strlen (string_osip_to_append);
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:337:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cur + strlen (cur);
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:343:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:349:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:349:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:358:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'v')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:384:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:393:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:393:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:399:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'o')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:475:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:481:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:481:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:487:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 's')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:529:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:537:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:537:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:543:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'i')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:587:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:593:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:593:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:599:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'u')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:628:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:635:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:635:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:641:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'e')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:672:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:679:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:679:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:685:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'p')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:716:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:726:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:726:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:732:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'c')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:844:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:854:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:854:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:860:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'b')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:918:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:928:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:928:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:934:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 't')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:981:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:990:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:990:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:996:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'r')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1032:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1039:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1039:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1045:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'z')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1075:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1086:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1086:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1092:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'k')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1165:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1176:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1176:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1182:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'a')
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1256:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char *equal;
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1268:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1268:31: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
while ((*equal != '=') && (*equal != '\0'))
data/libosip2-4.1.0/src/osipparser2/sdp_message.c:1274:7: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal[-1] != 'm')
data/libosip2-4.1.0/src/test/tcallid.c:53:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_callid + strlen (a_callid) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tcallid.c:53:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_callid + strlen (a_callid) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tcontact.c:54:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_contact + strlen (a_contact) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tcontact.c:54:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_contact + strlen (a_contact) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tcontentt.c:54:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_content_type + strlen (a_content_type) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tcontentt.c:54:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_content_type + strlen (a_content_type) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tfrom.c:54:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_from + strlen (a_from) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tfrom.c:54:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_from + strlen (a_from) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/torture.c:83:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (tmpmsg, tmp, strlen (tmp));
data/libosip2-4.1.0/src/test/torture.c:84:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpmsg = tmpmsg + strlen (tmp);
data/libosip2-4.1.0/src/test/torture.c:136:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (msg);
data/libosip2-4.1.0/src/test/trecordr.c:55:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_record_route + strlen (a_record_route) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/trecordr.c:55:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_record_route + strlen (a_record_route) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/troute.c:55:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_route + strlen (a_route) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/troute.c:55:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_route + strlen (a_route) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tto.c:54:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_to + strlen (a_to) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tto.c:54:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_to + strlen (a_to) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/turls.c:55:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (a_url + strlen (a_url) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/tvia.c:55:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osip_strncpy (a_via + strlen (a_via) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/twwwa.c:55:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy (a_wwwauthenticate + strlen (a_wwwauthenticate) - 1, "\0", 1);
data/libosip2-4.1.0/src/test/twwwa.c:55:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy (a_wwwauthenticate + strlen (a_wwwauthenticate) - 1, "\0", 1);
ANALYSIS SUMMARY:
Hits = 407
Lines analyzed = 32762 in approximately 0.96 seconds (34256 lines/second)
Physical Source Lines of Code (SLOC) = 20434
Hits@level = [0] 156 [1] 299 [2] 55 [3] 6 [4] 47 [5] 0
Hits@level+ = [0+] 563 [1+] 407 [2+] 108 [3+] 53 [4+] 47 [5+] 0
Hits/KSLOC@level+ = [0+] 27.5521 [1+] 19.9178 [2+] 5.28531 [3+] 2.59372 [4+] 2.30009 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.