Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libpcap-1.9.1/pcap-rdmasniff.c Examining data/libpcap-1.9.1/ftmacros.h Examining data/libpcap-1.9.1/pcap-snf.c Examining data/libpcap-1.9.1/nlpid.h Examining data/libpcap-1.9.1/pcap-dbus.c Examining data/libpcap-1.9.1/msdos/pktdrvr.c Examining data/libpcap-1.9.1/msdos/bin2c.c Examining data/libpcap-1.9.1/msdos/pktdrvr.h Examining data/libpcap-1.9.1/pcap-bpf.h Examining data/libpcap-1.9.1/pcap.h Examining data/libpcap-1.9.1/varattrs.h Examining data/libpcap-1.9.1/optimize.c Examining data/libpcap-1.9.1/pcap-dos.c Examining data/libpcap-1.9.1/nametoaddr.c Examining data/libpcap-1.9.1/pcap.c Examining data/libpcap-1.9.1/pcap-null.c Examining data/libpcap-1.9.1/pcap-bt-linux.c Examining data/libpcap-1.9.1/fad-getad.c Examining data/libpcap-1.9.1/lbl/os-aix7.h Examining data/libpcap-1.9.1/lbl/os-hpux11.h Examining data/libpcap-1.9.1/lbl/os-solaris2.h Examining data/libpcap-1.9.1/lbl/os-sunos4.h Examining data/libpcap-1.9.1/lbl/os-osf5.h Examining data/libpcap-1.9.1/lbl/os-aix4.h Examining data/libpcap-1.9.1/lbl/os-osf4.h Examining data/libpcap-1.9.1/lbl/os-ultrix4.h Examining data/libpcap-1.9.1/sf-pcap.c Examining data/libpcap-1.9.1/pcap-snoop.c Examining data/libpcap-1.9.1/pcap-rpcap.c Examining data/libpcap-1.9.1/pcap-snf.h Examining data/libpcap-1.9.1/pcap-bt-monitor-linux.c Examining data/libpcap-1.9.1/pcap-dos.h Examining data/libpcap-1.9.1/sockutils.h Examining data/libpcap-1.9.1/bpf_dump.c Examining data/libpcap-1.9.1/nametoaddr.h Examining data/libpcap-1.9.1/pcap-sita.h Examining data/libpcap-1.9.1/pcap-dag.c Examining data/libpcap-1.9.1/ieee80211.h Examining data/libpcap-1.9.1/pcap-namedb.h Examining data/libpcap-1.9.1/fad-gifc.c Examining data/libpcap-1.9.1/testprogs/capturetest.c Examining data/libpcap-1.9.1/testprogs/can_set_rfmon_test.c Examining data/libpcap-1.9.1/testprogs/threadsignaltest.c Examining data/libpcap-1.9.1/testprogs/opentest.c Examining data/libpcap-1.9.1/testprogs/selpolltest.c Examining data/libpcap-1.9.1/testprogs/unix.h Examining data/libpcap-1.9.1/testprogs/valgrindtest.c Examining data/libpcap-1.9.1/testprogs/reactivatetest.c Examining data/libpcap-1.9.1/testprogs/findalldevstest.c Examining data/libpcap-1.9.1/testprogs/filtertest.c Examining data/libpcap-1.9.1/pcap/usb.h Examining data/libpcap-1.9.1/pcap/compiler-tests.h Examining data/libpcap-1.9.1/pcap/pcap-inttypes.h Examining data/libpcap-1.9.1/pcap/namedb.h Examining data/libpcap-1.9.1/pcap/pcap.h Examining data/libpcap-1.9.1/pcap/bpf.h Examining data/libpcap-1.9.1/pcap/vlan.h Examining data/libpcap-1.9.1/pcap/ipnet.h Examining data/libpcap-1.9.1/pcap/funcattrs.h Examining data/libpcap-1.9.1/pcap/socket.h Examining data/libpcap-1.9.1/pcap/nflog.h Examining data/libpcap-1.9.1/pcap/can_socketcan.h Examining data/libpcap-1.9.1/pcap/bluetooth.h Examining data/libpcap-1.9.1/pcap/sll.h Examining data/libpcap-1.9.1/pcap/dlt.h Examining data/libpcap-1.9.1/pcap-netfilter-linux.c Examining data/libpcap-1.9.1/portability.h Examining data/libpcap-1.9.1/pcap-int.h Examining data/libpcap-1.9.1/llc.h Examining data/libpcap-1.9.1/pcap-rpcap-int.h Examining data/libpcap-1.9.1/sf-pcapng.h Examining data/libpcap-1.9.1/atmuni31.h Examining data/libpcap-1.9.1/pcap-bt-linux.h Examining data/libpcap-1.9.1/rpcap-protocol.h Examining data/libpcap-1.9.1/pcap-bt-monitor-linux.h Examining data/libpcap-1.9.1/rpcap-protocol.c Examining data/libpcap-1.9.1/ethertype.h Examining data/libpcap-1.9.1/pcap-usb-linux.h Examining data/libpcap-1.9.1/pcap-dbus.h Examining data/libpcap-1.9.1/fmtutils.c Examining data/libpcap-1.9.1/pcap-pf.c Examining data/libpcap-1.9.1/etherent.c Examining data/libpcap-1.9.1/bpf_filter.c Examining data/libpcap-1.9.1/pcap-dag.h Examining data/libpcap-1.9.1/gencode.h Examining data/libpcap-1.9.1/sf-pcapng.c Examining data/libpcap-1.9.1/pcap-septel.h Examining data/libpcap-1.9.1/pcap-npf.c Examining data/libpcap-1.9.1/pcap-sita.c Examining data/libpcap-1.9.1/cmake/have_siocglifconf.c Examining data/libpcap-1.9.1/fmtutils.h Examining data/libpcap-1.9.1/sf-pcap.h Examining data/libpcap-1.9.1/arcnet.h Examining data/libpcap-1.9.1/pcap-common.h Examining data/libpcap-1.9.1/pcap-types.h Examining data/libpcap-1.9.1/pcap-netmap.c Examining data/libpcap-1.9.1/pcap-libdlpi.c Examining data/libpcap-1.9.1/pcap-tc.h Examining data/libpcap-1.9.1/pcap-tc.c Examining data/libpcap-1.9.1/pcap-netfilter-linux.h Examining data/libpcap-1.9.1/missing/strtok_r.c Examining data/libpcap-1.9.1/missing/win_asprintf.c Examining data/libpcap-1.9.1/missing/snprintf.c Examining data/libpcap-1.9.1/missing/win_snprintf.c Examining data/libpcap-1.9.1/missing/getopt.c Examining data/libpcap-1.9.1/missing/strlcat.c Examining data/libpcap-1.9.1/missing/asprintf.c Examining data/libpcap-1.9.1/missing/getopt.h Examining data/libpcap-1.9.1/missing/strlcpy.c Examining data/libpcap-1.9.1/pcap-dlpi.c Examining data/libpcap-1.9.1/fad-glifc.c Examining data/libpcap-1.9.1/pcap-netmap.h Examining data/libpcap-1.9.1/pcap-enet.c Examining data/libpcap-1.9.1/pcap-new.c Examining data/libpcap-1.9.1/bpf_image.c Examining data/libpcap-1.9.1/sunatmpos.h Examining data/libpcap-1.9.1/extract.h Examining data/libpcap-1.9.1/ppp.h Examining data/libpcap-1.9.1/dlpisubs.c Examining data/libpcap-1.9.1/pcap-rpcap.h Examining data/libpcap-1.9.1/gencode.c Examining data/libpcap-1.9.1/pcap-common.c Examining data/libpcap-1.9.1/optimize.h Examining data/libpcap-1.9.1/pcap-linux.c Examining data/libpcap-1.9.1/pcap-nit.c Examining data/libpcap-1.9.1/sockutils.c Examining data/libpcap-1.9.1/pcap-snit.c Examining data/libpcap-1.9.1/pcap-rdmasniff.h Examining data/libpcap-1.9.1/savefile.c Examining data/libpcap-1.9.1/diag-control.h Examining data/libpcap-1.9.1/rpcapd/log.h Examining data/libpcap-1.9.1/rpcapd/log.c Examining data/libpcap-1.9.1/rpcapd/win32-svc.h Examining data/libpcap-1.9.1/rpcapd/fileconf.h Examining data/libpcap-1.9.1/rpcapd/win32-svc.c Examining data/libpcap-1.9.1/rpcapd/fileconf.c Examining data/libpcap-1.9.1/rpcapd/rpcapd.h Examining data/libpcap-1.9.1/rpcapd/daemon.c Examining data/libpcap-1.9.1/rpcapd/config_params.h Examining data/libpcap-1.9.1/rpcapd/rpcapd.c Examining data/libpcap-1.9.1/rpcapd/daemon.h Examining data/libpcap-1.9.1/pcap-septel.c Examining data/libpcap-1.9.1/dlpisubs.h Examining data/libpcap-1.9.1/pcap-usb-linux.c Examining data/libpcap-1.9.1/pcap-hurd.c Examining data/libpcap-1.9.1/pcap-bpf.c FINAL RESULTS: data/libpcap-1.9.1/lbl/os-sunos4.h:129:5: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. int readlink(const char *, char *, int); data/libpcap-1.9.1/pcap-linux.c:607:15: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. bytes_read = readlink(pathstr, phydev_path, phydev_max_pathlen); data/libpcap-1.9.1/lbl/os-sunos4.h:29:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int fprintf(FILE *, const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:40:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int vfprintf(FILE *, const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:41:5: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int vprintf(const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:62:7: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt. char *crypt(const char *, const char *); data/libpcap-1.9.1/lbl/os-sunos4.h:92:7: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space. char *getpass(char *); data/libpcap-1.9.1/lbl/os-sunos4.h:122:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). char *mktemp(char *); data/libpcap-1.9.1/lbl/os-sunos4.h:126:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int printf(const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:163:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. int sscanf(char *, const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:175:6: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. void syslog(int, const char *, ...); data/libpcap-1.9.1/lbl/os-sunos4.h:176:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. int system(const char *); data/libpcap-1.9.1/lbl/os-sunos4.h:185:5: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. int vsprintf(char *, const char *, ...); data/libpcap-1.9.1/missing/asprintf.c:64:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(&buf, sizeof buf, format, args); data/libpcap-1.9.1/missing/asprintf.c:75:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(str, str_size, format, args); data/libpcap-1.9.1/missing/snprintf.c:511:12: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. ret2 = vsprintf (tmp, format, args); data/libpcap-1.9.1/msdos/bin2c.c:10:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf (stderr, fmt, args); data/libpcap-1.9.1/pcap-bpf.c:1842:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(wltdev, p->opt.device + 2); data/libpcap-1.9.1/pcap-bpf.c:2617:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(en_name, name + 3); data/libpcap-1.9.1/pcap-bt-linux.c:195:6: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(handle->opt.device, BT_IFACE"%d", &dev_id) != 1) data/libpcap-1.9.1/pcap-dos.c:696:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (ebuf, pktInfo.error); data/libpcap-1.9.1/pcap-septel.c:309:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Non-blocking mode not supported on Septel devices"); data/libpcap-1.9.1/pcap-septel.c:316:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Non-blocking mode not supported on Septel devices"); data/libpcap-1.9.1/pcap-sita.c:300:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ptr2, ptr); /* copy the IP address into our malloc'ed memory */ data/libpcap-1.9.1/pcap-sita.c:443:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, IOPname); /* and copy it in */ data/libpcap-1.9.1/pcap-sita.c:487:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, buf); /* and copy it in */ data/libpcap-1.9.1/pcap-sita.c:713:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(iff->name, newname); /* to this new name */ data/libpcap-1.9.1/pcap-tc.c:523:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newIf->name, name); data/libpcap-1.9.1/pcap-tc.c:524:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newIf->description, description); data/libpcap-1.9.1/pcap-usb-linux.c:628:6: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. if (sscanf(handle->opt.device, USB_IFACE"%d", &handlep->bus_index) != 1) data/libpcap-1.9.1/pcap-usb-linux.c:865:8: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype, data/libpcap-1.9.1/pcap-usb-linux.c:931:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4, data/libpcap-1.9.1/pcap-usb-linux.c:1090:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ntok = sscanf(ptr, "%s%n", token, &cnt); data/libpcap-1.9.1/portability.h:122:23: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define pcap_snprintf snprintf data/libpcap-1.9.1/portability.h:129:24: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define pcap_vsnprintf vsnprintf data/libpcap-1.9.1/rpcapd/daemon.c:1202:6: [4] (access) ImpersonateLoggedOnUser: If this call fails, the program could fail to drop heightened privileges (CWE-250). Make sure the return value is checked, and do not continue if a failure is reported. if (ImpersonateLoggedOnUser(Token) == 0) data/libpcap-1.9.1/rpcapd/daemon.c:1278:19: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt. crypt_password = crypt(password, user_password); data/libpcap-1.9.1/rpcapd/log.c:83:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, message, ap); data/libpcap-1.9.1/rpcapd/log.c:160:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(msgbuf, message, ap); data/libpcap-1.9.1/testprogs/can_set_rfmon_test.c:87:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/capturetest.c:239:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/capturetest.c:258:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/filtertest.c:131:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/filtertest.c:150:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/filtertest.c:351:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)fprintf(stderr, data/libpcap-1.9.1/testprogs/findalldevstest.c:59:1: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space. getpass(const char *prompt) data/libpcap-1.9.1/testprogs/findalldevstest.c:125:18: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space. password = getpass("Password: "); data/libpcap-1.9.1/testprogs/opentest.c:210:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/opentest.c:229:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/reactivatetest.c:79:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/selpolltest.c:383:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/selpolltest.c:402:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/threadsignaltest.c:333:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/threadsignaltest.c:352:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/valgrindtest.c:164:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/testprogs/valgrindtest.c:183:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void)vfprintf(stderr, fmt, ap); data/libpcap-1.9.1/lbl/os-sunos4.h:58:5: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. int chroot(const char *); data/libpcap-1.9.1/lbl/os-sunos4.h:90:5: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. int getopt(int, char * const *, const char *); data/libpcap-1.9.1/lbl/os-sunos4.h:107:7: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. char *getwd(char *); data/libpcap-1.9.1/lbl/os-sunos4.h:128:6: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. long random(void); data/libpcap-1.9.1/lbl/os-sunos4.h:162:6: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. void srandom(int); data/libpcap-1.9.1/lbl/os-ultrix4.h:26:5: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. int getopt(int, char * const *, const char *); data/libpcap-1.9.1/missing/getopt.c:59:1: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt(int nargc, char * const *nargv, const char *ostr) data/libpcap-1.9.1/missing/getopt.h:7:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int nargc, char * const *nargv, const char *ostr); data/libpcap-1.9.1/pcap-dag.c:934:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((s = getenv("ERF_FCS_BITS")) != NULL) { data/libpcap-1.9.1/pcap-dag.c:948:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((s = getenv("ERF_DONT_STRIP_FCS")) != NULL) { data/libpcap-1.9.1/pcap-dlpi.c:807:6: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("BUFMOD_FIXED") == NULL) { data/libpcap-1.9.1/pcap-dos.c:968:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv ("PCAP_TRACE"); data/libpcap-1.9.1/pcap-snf.c:262:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((nr = getenv("SNF_FLAGS")) && *nr) data/libpcap-1.9.1/pcap-snf.c:264:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((nr = getenv("SNF_NUM_RINGS")) && *nr && atoi(nr) > 1) data/libpcap-1.9.1/pcap-snf.c:288:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((nr = getenv("SNF_PCAP_RING_ID")) && *nr) { data/libpcap-1.9.1/pcap-snf.c:369:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((nr = getenv("SNF_FLAGS")) && *nr) { data/libpcap-1.9.1/pcap-tc.c:296:13: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. hModule = LoadLibrary(fullFileName); data/libpcap-1.9.1/rpcapd/rpcapd.c:194:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((retval = getopt(argc, argv, "b:dDhip:4l:na:s:f:v")) != -1) data/libpcap-1.9.1/testprogs/capturetest.c:86:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "i:mnt:")) != -1) { data/libpcap-1.9.1/testprogs/filtertest.c:229:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "dF:gm:Os:")) != -1) { data/libpcap-1.9.1/testprogs/opentest.c:80:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "i:Ips:aB:")) != -1) { data/libpcap-1.9.1/testprogs/selpolltest.c:94:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "i:sptn")) != -1) { data/libpcap-1.9.1/testprogs/threadsignaltest.c:203:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "i:")) != -1) { data/libpcap-1.9.1/testprogs/valgrindtest.c:261:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((op = getopt(argc, argv, "aF:i:I")) != -1) { data/libpcap-1.9.1/bpf_image.c:41:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char image[256]; data/libpcap-1.9.1/bpf_image.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char operand_buf[64]; data/libpcap-1.9.1/dlpisubs.c:163:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sbp, bufp, sizeof(*sbp)); data/libpcap-1.9.1/fmtutils.c:114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strerror_buf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/fmtutils.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char win32_errbuf[PCAP_ERRBUF_SIZE+1]; data/libpcap-1.9.1/lbl/os-sunos4.h:56:6: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void bcopy(const void *, void *, u_int); data/libpcap-1.9.1/lbl/os-sunos4.h:121:5: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). int mkstemp(char *); data/libpcap-1.9.1/lbl/os-sunos4.h:184:5: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. int vfork(void); data/libpcap-1.9.1/lbl/os-ultrix4.h:24:6: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void bcopy(const void *, void *, u_int); data/libpcap-1.9.1/msdos/bin2c.c:25:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((inFile = fopen(argv[1],"rb")) == NULL) data/libpcap-1.9.1/msdos/pktdrvr.c:116:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char pktTemp[20]; /* PktDrvr temp area */ data/libpcap-1.9.1/msdos/pktdrvr.c:124:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define memcpy __memcpy__ data/libpcap-1.9.1/msdos/pktdrvr.c:362:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[12]; /* 3 + strlen("PKT DRVR") */ data/libpcap-1.9.1/msdos/pktdrvr.c:363:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pktStr[9] = "PKT DRVR"; /* ASCIIZ string at ofs 3 */ data/libpcap-1.9.1/msdos/pktdrvr.c:458:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((void*)(realBase+pktTxBuf), eth, len); data/libpcap-1.9.1/msdos/pktdrvr.c:463:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&pktTxBuf, eth, len); data/libpcap-1.9.1/msdos/pktdrvr.c:663:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (addr, (void*)(realBase+pktTemp), sizeof(*addr)); data/libpcap-1.9.1/msdos/pktdrvr.c:666:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((void*)addr, &pktTemp, sizeof(*addr)); data/libpcap-1.9.1/msdos/pktdrvr.c:685:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((void*)(realBase+pktTemp), addr, sizeof(*addr)); data/libpcap-1.9.1/msdos/pktdrvr.c:688:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&pktTemp, (void*)addr, sizeof(*addr)); data/libpcap-1.9.1/msdos/pktdrvr.c:763:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&pktInfo.majVer, (void*)DOS_ADDR(reg.r_es,reg.r_di), PKT_PARAM_SIZE); data/libpcap-1.9.1/msdos/pktdrvr.c:909:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, (const void*)(realBase+ofs+6), len); data/libpcap-1.9.1/msdos/pktdrvr.c:1155:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((void*)realBase, &real_stub_array, sizeof(real_stub_array)); data/libpcap-1.9.1/msdos/pktdrvr.h:44:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[8]; data/libpcap-1.9.1/nametoaddr.c:107:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ether_addr_octet[6]; data/libpcap-1.9.1/nametoaddr.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; /* arbitrary size */ data/libpcap-1.9.1/nametoaddr.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; /* arbitrary size */ data/libpcap-1.9.1/nametoaddr.c:503:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; /* arbitrary size */ data/libpcap-1.9.1/nametoaddr.c:519:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; /* arbitrary size */ data/libpcap-1.9.1/nametoaddr.c:737:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(PCAP_ETHERS_FILE, "r"); data/libpcap-1.9.1/nametoaddr.c:750:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ap, ep->addr, 6); data/libpcap-1.9.1/nametoaddr.c:773:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)ap, (char *)a, 6); data/libpcap-1.9.1/nametoaddr.c:793:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)res, (char *)nep->n_addr, sizeof(unsigned short)); data/libpcap-1.9.1/optimize.c:1399:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)b->val, (char *)p->pred->val, sizeof(b->val)); data/libpcap-1.9.1/optimize.c:2536:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->fcode.bf_insns, fp->bf_insns, prog_size); data/libpcap-1.9.1/optimize.c:2651:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-bpf.c:484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device[sizeof "/dev/bpf0000000000"]; data/libpcap-1.9.1/pcap-bpf.c:504:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). (fd = open(cloning_device, O_RDWR)) == -1 && data/libpcap-1.9.1/pcap-bpf.c:506:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). (fd = open(cloning_device, O_RDONLY)) == -1)) { data/libpcap-1.9.1/pcap-bpf.c:541:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(device, O_RDWR); data/libpcap-1.9.1/pcap-bpf.c:543:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(device, O_RDONLY); data/libpcap-1.9.1/pcap-bpf.c:1313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/libpcap-1.9.1/pcap-bpf.c:1725:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path_zname[ZONENAME_MAX]; data/libpcap-1.9.1/pcap-bpf.c:1841:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wltdev, "wlt"); data/libpcap-1.9.1/pcap-bpf.c:2582:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-bpf.c:2616:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(en_name, "en"); data/libpcap-1.9.1/pcap-bpf.c:2719:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, usbus_prefix, USBUS_PREFIX_LEN); data/libpcap-1.9.1/pcap-bpf.c:2720:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name + USBUS_PREFIX_LEN, usbitem->d_name, busnumlen); data/libpcap-1.9.1/pcap-bt-linux.c:113:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev_name[20], dev_descr[40]; data/libpcap-1.9.1/pcap-bt-linux.c:356:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&in, CMSG_DATA(cmsg), sizeof in); data/libpcap-1.9.1/pcap-bt-linux.c:359:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pkth.ts, CMSG_DATA(cmsg), data/libpcap-1.9.1/pcap-dag.c:202:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char TempPkt[MAX_DAG_PACKET]; data/libpcap-1.9.1/pcap-dag.c:614:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(TempPkt+MTP2_HDR_LEN, dp, caplen); data/libpcap-1.9.1/pcap-dag.c:935:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((n = atoi(s)) == 0 || n == 16 || n == 32) { data/libpcap-1.9.1/pcap-dag.c:1138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[12]; /* XXX - pick a size */ data/libpcap-1.9.1/pcap-dag.c:1140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dagname[DAGNAME_BUFSIZE]; data/libpcap-1.9.1/pcap-dlpi.c:351:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dname[100]; data/libpcap-1.9.1/pcap-dlpi.c:357:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dname2[100]; data/libpcap-1.9.1/pcap-dlpi.c:391:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(cp, O_RDWR)) < 0) { data/libpcap-1.9.1/pcap-dlpi.c:439:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dname, O_RDWR)) < 0) { data/libpcap-1.9.1/pcap-dlpi.c:451:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(dname2, O_RDWR)) < 0) { data/libpcap-1.9.1/pcap-dlpi.c:513:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char release[GET_RELEASE_BUFSIZE]; data/libpcap-1.9.1/pcap-dlpi.c:537:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pd->send_fd = open("/dev/dlpi", O_RDWR); data/libpcap-1.9.1/pcap-dlpi.c:1014:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-dlpi.c:1082:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pad[516]; /* XXX - must be at least 513; is 516 data/libpcap-1.9.1/pcap-dlpi.c:1085:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baname[2+1+1]; data/libpcap-1.9.1/pcap-dlpi.c:1100:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("/dev/ba", O_RDWR)) < 0) { data/libpcap-1.9.1/pcap-dlpi.c:1157:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-dlpi.c:1158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dlprimbuf[64]; data/libpcap-1.9.1/pcap-dlpi.c:1613:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dname[100]; data/libpcap-1.9.1/pcap-dlpi.c:1617:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXDLBUF]; data/libpcap-1.9.1/pcap-dlpi.c:1810:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char if_name[sizeof(ifnet.if_name) + 1]; data/libpcap-1.9.1/pcap-dlpi.c:1826:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). kd = open("/dev/kmem", O_RDONLY); data/libpcap-1.9.1/pcap-dos.c:383:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (p->errbuf, "illegal pcap handle"); data/libpcap-1.9.1/pcap-dos.c:389:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (p->errbuf, "device statistics not available"); data/libpcap-1.9.1/pcap-dos.c:427:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (se, (*dev->get_stats)(dev), sizeof(*se)); data/libpcap-1.9.1/pcap-dos.c:511:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ebuf, "No driver found"); data/libpcap-1.9.1/pcap-dos.c:525:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errbuf, "pcap_open_offline() or pcap_activate() must be " data/libpcap-1.9.1/pcap-dos.c:617:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errbuf, "No drivers found"); data/libpcap-1.9.1/pcap-dos.c:688:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). PCAP_ASSERT (dev->open); data/libpcap-1.9.1/pcap-dos.c:690:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(*dev->open)(dev)) data/libpcap-1.9.1/pcap-dos.c:695:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (ebuf, ": "); data/libpcap-1.9.1/pcap-dos.c:807:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ebuf, "Not enough memory (Rx pool)"); data/libpcap-1.9.1/pcap-dos.c:869:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rxbuf [ETH_MAX+100]; /* rx-buffer with some margin */ data/libpcap-1.9.1/pcap-dos.c:879:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (rxbuf, buf, pcap->caplen); data/libpcap-1.9.1/pcap-dos.c:969:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (env && atoi(env) > 0 && data/libpcap-1.9.1/pcap-dos.c:973:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pcap_pkt_debug = atoi (env); data/libpcap-1.9.1/pcap-dos.h:155:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int (*open) (struct device *dev); data/libpcap-1.9.1/pcap-enet.c:158:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if_fd = open("/dev/enet", O_RDONLY, 0); data/libpcap-1.9.1/pcap-int.h:250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; data/libpcap-1.9.1/pcap-libdlpi.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkname[DLPI_LINKNAME_MAX]; data/libpcap-1.9.1/pcap-linux.c:890:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char phydev_path[PATH_MAX+1]; data/libpcap-1.9.1/pcap-linux.c:921:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mondevice[3+10+1]; /* mon{UINT_MAX}\0 */ data/libpcap-1.9.1/pcap-linux.c:1064:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char phydev_path[PATH_MAX+1]; data/libpcap-1.9.1/pcap-linux.c:1159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[512]; data/libpcap-1.9.1/pcap-linux.c:1165:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen("/proc/net/dev", "r"); data/libpcap-1.9.1/pcap-linux.c:1804:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[CMSG_SPACE(sizeof(struct tpacket_auxdata))]; data/libpcap-1.9.1/pcap-linux.c:1965:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hdrp->sll2_addr, from.sll_addr, data/libpcap-1.9.1/pcap-linux.c:1978:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hdrp->sll_addr, from.sll_addr, data/libpcap-1.9.1/pcap-linux.c:2375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[512]; /* XXX - pick a size */ data/libpcap-1.9.1/pcap-linux.c:2464:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subsystem_path[PATH_MAX+1]; data/libpcap-1.9.1/pcap-linux.c:2580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[512]; data/libpcap-1.9.1/pcap-linux.c:2585:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). proc_net_f = fopen("/proc/net/dev", "r"); data/libpcap-1.9.1/pcap-linux.c:2724:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = fopen(pathstr, "r"); data/libpcap-1.9.1/pcap-linux.c:3102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-linux.c:4899:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(handlep->oneshot_buffer, bytes, h->caplen); data/libpcap-1.9.1/pcap-linux.c:5177:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hdrp->sll2_addr, sll->sll_addr, SLL_ADDRLEN); data/libpcap-1.9.1/pcap-linux.c:5214:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hdrp->sll_addr, sll->sll_addr, SLL_ADDRLEN); data/libpcap-1.9.1/pcap-linux.c:6260:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6352:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6363:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6374:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6392:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6419:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, 2*sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6432:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6444:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:6469:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ireq.u.name, args, sizeof (int)); data/libpcap-1.9.1/pcap-linux.c:7195:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f, handle->fcode.bf_insns, prog_size); data/libpcap-1.9.1/pcap-linux.c:7395:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char drain[1]; data/libpcap-1.9.1/pcap-netfilter-linux.c:318:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024] __attribute__ ((aligned)); data/libpcap-1.9.1/pcap-netfilter-linux.c:346:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(NFA_DATA(nfa), mynfa->data, mynfa->nfa_len); data/libpcap-1.9.1/pcap-new.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PCAP_BUF_SIZE], path[PCAP_BUF_SIZE], filename[PCAP_BUF_SIZE]; data/libpcap-1.9.1/pcap-new.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstring[PCAP_BUF_SIZE + 1]; /* Needed to convert names and descriptions from 'old' syntax to the 'new' one */ data/libpcap-1.9.1/pcap-new.c:356:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PCAP_BUF_SIZE]; data/libpcap-1.9.1/pcap-npf.c:183:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, oid_data_arg->Data, *lenp); data/libpcap-1.9.1/pcap-npf.c:360:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(oid_data_arg->Data, data, *lenp); data/libpcap-1.9.1/pcap-npf.c:1167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[512]; data/libpcap-1.9.1/pcap-npf.c:1875:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char AdaptersName[ADAPTERSNAME_LEN]; data/libpcap-1.9.1/pcap-npf.c:1978:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(Adescptr, tAstr, desclen); data/libpcap-1.9.1/pcap-pf.c:170:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)sp, (char *)bp, sizeof(*sp)); data/libpcap-1.9.1/pcap-rdmasniff.c:184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(priv->oneshot_buffer, bytes, h->caplen); data/libpcap-1.9.1/pcap-rpcap.c:1015:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */ data/libpcap-1.9.1/pcap-rpcap.c:1017:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portdata[PCAP_BUF_SIZE]; /* temp variable needed to keep the network port for the data connection */ data/libpcap-1.9.1/pcap-rpcap.c:1021:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[INET6_ADDRSTRLEN + 1]; /* numeric name of the other host */ data/libpcap-1.9.1/pcap-rpcap.c:1503:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */ data/libpcap-1.9.1/pcap-rpcap.c:1610:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myaddress[128]; data/libpcap-1.9.1/pcap-rpcap.c:1611:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myctrlport[128]; data/libpcap-1.9.1/pcap-rpcap.c:1612:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mydataport[128]; data/libpcap-1.9.1/pcap-rpcap.c:1613:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peeraddress[128]; data/libpcap-1.9.1/pcap-rpcap.c:1614:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerctrlport[128]; data/libpcap-1.9.1/pcap-rpcap.c:1733:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE];/* temporary buffer in which data to be sent is buffered */ data/libpcap-1.9.1/pcap-rpcap.c:1836:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data that has to be sent is buffered */ data/libpcap-1.9.1/pcap-rpcap.c:2191:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[PCAP_BUF_SIZE], ctrlport[PCAP_BUF_SIZE], iface[PCAP_BUF_SIZE]; data/libpcap-1.9.1/pcap-rpcap.c:2196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */ data/libpcap-1.9.1/pcap-rpcap.c:2352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[PCAP_BUF_SIZE], port[PCAP_BUF_SIZE]; data/libpcap-1.9.1/pcap-rpcap.c:2353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstring[PCAP_BUF_SIZE + 1]; /* Needed to convert names and descriptions from 'old' syntax to the 'new' one */ data/libpcap-1.9.1/pcap-rpcap.c:2393:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstring2[PCAP_BUF_SIZE + 1]; /* Needed to convert names and descriptions from 'old' syntax to the 'new' one */ data/libpcap-1.9.1/pcap-rpcap.c:2759:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp->host, &from, fromlen); data/libpcap-1.9.1/pcap-rpcap.c:2879:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hoststr[RPCAP_HOSTLIST_SIZE + 1]; data/libpcap-1.9.1/pcap-rpcap.c:3100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap-sita.c:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_LINE_SIZE]; data/libpcap-1.9.1/pcap-sita.c:268:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen("/etc/hosts", "r")) == NULL) { /* try to open the hosts file and if it fails */ data/libpcap-1.9.1/pcap-sita.c:423:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/libpcap-1.9.1/pcap-sita.c:447:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). IOPportnum = atoi(&IOPname[2]); data/libpcap-1.9.1/pcap-sita.c:457:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). IOPportnum = atoi(&IOPname[3]); data/libpcap-1.9.1/pcap-sita.c:467:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). IOPportnum = atoi(&IOPname[3]); data/libpcap-1.9.1/pcap-sita.c:504:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[MAX_LINE_SIZE], str2[MAX_LINE_SIZE]; data/libpcap-1.9.1/pcap-sita.c:601:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iff->name, (ptr + 1), *ptr); /* copy the name into the malloc'ed space */ data/libpcap-1.9.1/pcap-sita.c:614:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(iff->description, (ptr + 1), *ptr); /* copy the name into the malloc'ed space */ data/libpcap-1.9.1/pcap-sita.c:721:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[256]; data/libpcap-1.9.1/pcap-sita.c:732:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((u->imsg + u->len), buf, len); /* append the new data */ data/libpcap-1.9.1/pcap-sita.c:755:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&working_set, &readfds, sizeof(readfds)); /* otherwise, we still have to listen for more stuff, till we timeout */ data/libpcap-1.9.1/pcap-sita.c:824:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[12]; data/libpcap-1.9.1/pcap-sita.c:868:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[8]; data/libpcap-1.9.1/pcap-sita.c:939:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&w_fds, &r_fds, sizeof(r_fds)); data/libpcap-1.9.1/pcap-sita.c:963:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char packet_header[HEADER_SIZE]; data/libpcap-1.9.1/pcap-snf.c:264:52: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if ((nr = getenv("SNF_NUM_RINGS")) && *nr && atoi(nr) > 1) data/libpcap-1.9.1/pcap-snf.c:352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_DESC_LENGTH]; data/libpcap-1.9.1/pcap-snf.c:353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char desc[MAX_DESC_LENGTH]; data/libpcap-1.9.1/pcap-snit.c:331:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p->fd = fd = open(dev, O_RDWR); data/libpcap-1.9.1/pcap-snit.c:333:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p->fd = fd = open(dev, O_RDONLY); data/libpcap-1.9.1/pcap-tc.c:265:3: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR path[MAX_PATH]; data/libpcap-1.9.1/pcap-tc.c:266:3: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR fullFileName[MAX_PATH]; data/libpcap-1.9.1/pcap-tc.c:292:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fullFileName, path, res * sizeof(TCHAR)); data/libpcap-1.9.1/pcap-tc.c:294:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fullFileName[res + 1], lpFileName, (_tcslen(lpFileName) + 1) * sizeof(TCHAR)); data/libpcap-1.9.1/pcap-tc.c:1019:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data2, data, filterResult); data/libpcap-1.9.1/pcap-tc.c:1025:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data2, data, MAX_TC_PACKET_SIZE); data/libpcap-1.9.1/pcap-usb-linux.c:231:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev_name[10]; data/libpcap-1.9.1/pcap-usb-linux.c:232:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev_descr[30]; data/libpcap-1.9.1/pcap-usb-linux.c:265:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char usb_mon_dir[PATH_MAX]; data/libpcap-1.9.1/pcap-usb-linux.c:504:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("/dev/bus/usb/000/") + NAME_MAX]; data/libpcap-1.9.1/pcap-usb-linux.c:522:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(buf, O_RDWR); data/libpcap-1.9.1/pcap-usb-linux.c:601:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full_path[USB_LINE_LEN]; data/libpcap-1.9.1/pcap-usb-linux.c:642:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle->fd = open(full_path, O_RDONLY, 0); data/libpcap-1.9.1/pcap-usb-linux.c:735:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle->fd = open(full_path, O_RDONLY, 0); data/libpcap-1.9.1/pcap-usb-linux.c:745:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle->fd = open(full_path, O_RDONLY, 0); data/libpcap-1.9.1/pcap-usb-linux.c:835:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char etype, pipeid1, pipeid2, status[16], urb_tag, line[USB_LINE_LEN]; data/libpcap-1.9.1/pcap-usb-linux.c:930:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[3], str2[3], str3[5], str4[5], str5[5]; data/libpcap-1.9.1/pcap-usb-linux.c:1035:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[USB_LINE_LEN]; data/libpcap-1.9.1/pcap-usb-linux.c:1036:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[USB_LINE_LEN]; data/libpcap-1.9.1/pcap-usb-linux.c:1041:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(string, O_RDONLY, 0); data/libpcap-1.9.1/pcap-usb-linux.c:1051:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(string, O_RDONLY, 0); data/libpcap-1.9.1/pcap.c:407:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(*tstamp_typesp, p->tstamp_type_list, data/libpcap-1.9.1/pcap.c:614:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return (memcpy(newsa, sa, sa_length)); data/libpcap-1.9.1/pcap.c:660:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(cp) + 1; data/libpcap-1.9.1/pcap.c:1368:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char device[IF_NAMESIZE + 1]; data/libpcap-1.9.1/pcap.c:1523:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(token, p, len); data/libpcap-1.9.1/pcap.c:1661:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(scheme, source, scheme_len); data/libpcap-1.9.1/pcap.c:2572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[PCAP_BUF_SIZE + 1]; data/libpcap-1.9.1/pcap.c:2573:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port[PCAP_BUF_SIZE + 1]; data/libpcap-1.9.1/pcap.c:2574:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PCAP_BUF_SIZE + 1]; data/libpcap-1.9.1/pcap.c:2774:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void)memcpy(*dlt_buffer, p->dlt_list, data/libpcap-1.9.1/pcap.c:3139:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char unkbuf[40]; data/libpcap-1.9.1/pcap.c:3389:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ebuf[15+10+1]; data/libpcap-1.9.1/pcap.c:3450:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap.c:3462:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/pcap.c:3465:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. return ((char *)sys_errlist[errnum]); data/libpcap-1.9.1/pcap.c:3582:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(queue->buffer + queue->len, pkt_header, sizeof(struct pcap_pkthdr)); data/libpcap-1.9.1/pcap.c:3586:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(queue->buffer + queue->len, pkt_data, pkt_header->caplen); data/libpcap-1.9.1/pcap/namedb.h:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[122]; data/libpcap-1.9.1/rpcap-protocol.c:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; /* temporary buffer in which data to be sent is buffered */ data/libpcap-1.9.1/rpcap-protocol.h:217:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[128-2]; /* Data */ data/libpcap-1.9.1/rpcapd/config_params.h:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[MAX_LINE + 1]; // keeps the network address (either numeric or literal) to of the active client data/libpcap-1.9.1/rpcapd/config_params.h:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port[MAX_LINE + 1]; // keeps the network port to bind to data/libpcap-1.9.1/rpcapd/config_params.h:51:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char hostlist[MAX_HOST_LIST + 1]; //!< Keeps the list of the hosts that are allowed to connect to this server data/libpcap-1.9.1/rpcapd/config_params.h:54:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char loadfile[MAX_LINE + 1]; //!< Name of the file from which we have to load the configuration data/libpcap-1.9.1/rpcapd/daemon.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/daemon.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE + 1]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[PCAP_BUF_SIZE+1]; // keeps the string that contains the interface to open data/libpcap-1.9.1/rpcapd/daemon.c:887:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/rpcapd/daemon.c:888:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/rpcapd/daemon.c:966:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:967:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:970:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; // temporary buffer in which data to be sent is buffered data/libpcap-1.9.1/rpcapd/daemon.c:1183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to log data/libpcap-1.9.1/rpcapd/daemon.c:1330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:1331:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:1332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; // temporary buffer in which data to be sent is buffered data/libpcap-1.9.1/rpcapd/daemon.c:1538:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:1539:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:1542:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; // temporary buffer in which data to be sent is buffered data/libpcap-1.9.1/rpcapd/daemon.c:1634:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:1635:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:1636:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portdata[PCAP_BUF_SIZE]; // temp variable needed to derive the data port data/libpcap-1.9.1/rpcapd/daemon.c:1637:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char peerhost[PCAP_BUF_SIZE]; // temp variable needed to derive the host name of our peer data/libpcap-1.9.1/rpcapd/daemon.c:1640:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; // temporary buffer in which data to be sent is buffered data/libpcap-1.9.1/rpcapd/daemon.c:1938:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:2058:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/rpcapd/daemon.c:2059:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:2112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:2113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/rpcapd/daemon.c:2172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:2173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsgbuf[PCAP_ERRBUF_SIZE]; // buffer for errors to send to the client data/libpcap-1.9.1/rpcapd/daemon.c:2174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendbuf[RPCAP_NETBUF_SIZE]; // temporary buffer in which data to be sent is buffered data/libpcap-1.9.1/rpcapd/daemon.c:2244:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // error buffer data/libpcap-1.9.1/rpcapd/daemon.c:2525:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:2557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE]; // buffer for network errors data/libpcap-1.9.1/rpcapd/daemon.c:2585:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/fileconf.c:67:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(loadfile, "r")) != NULL) data/libpcap-1.9.1/rpcapd/fileconf.c:69:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_LINE + 1]; data/libpcap-1.9.1/rpcapd/fileconf.c:488:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(savefile, "w")) != NULL) data/libpcap-1.9.1/rpcapd/fileconf.c:491:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temphostlist[MAX_HOST_LIST + 1]; data/libpcap-1.9.1/rpcapd/log.c:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgbuf[1024]; data/libpcap-1.9.1/rpcapd/log.c:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *strings[1]; data/libpcap-1.9.1/rpcapd/log.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logbuf[1024+1]; data/libpcap-1.9.1/rpcapd/rpcapd.c:75:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostlist[MAX_HOST_LIST + 1]; //!< Keeps the list of the hosts that are allowed to connect to this server data/libpcap-1.9.1/rpcapd/rpcapd.c:79:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char loadfile[MAX_LINE + 1]; //!< Name of the file from which we have to load the configuration data/libpcap-1.9.1/rpcapd/rpcapd.c:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char address[MAX_LINE + 1]; //!< keeps the network address (either numeric or literal) to bind to data/libpcap-1.9.1/rpcapd/rpcapd.c:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char port[MAX_LINE + 1]; //!< keeps the network port to bind to data/libpcap-1.9.1/rpcapd/rpcapd.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char savefile[MAX_LINE + 1]; // name of the file on which we have to save the configuration data/libpcap-1.9.1/rpcapd/rpcapd.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/rpcapd.c:378:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). devnull_fd = open("/dev/null", O_RDWR); data/libpcap-1.9.1/rpcapd/rpcapd.c:496:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/rpcapd.c:571:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrbuf[INET_ADDRSTRLEN]; data/libpcap-1.9.1/rpcapd/rpcapd.c:585:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrbuf[INET6_ADDRSTRLEN]; data/libpcap-1.9.1/rpcapd/rpcapd.c:673:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/rpcapd.c:795:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/rpcapd.c:1074:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/rpcapd.c:1266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE + 1]; // keeps the error string, prior to be printed data/libpcap-1.9.1/rpcapd/win32-svc.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/savefile.c:280:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fname, "rb"); data/libpcap-1.9.1/sf-pcap.c:598:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char discard_buf[4096]; data/libpcap-1.9.1/sf-pcap.c:825:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname, "wb"); data/libpcap-1.9.1/sf-pcap.c:925:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname, "ab+"); data/libpcap-1.9.1/sf-pcapng.c:351:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->buffer, &bhdr, sizeof(bhdr)); data/libpcap-1.9.1/sf-pcapng.c:575:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tsoffset, optvalue, sizeof(*tsoffset)); data/libpcap-1.9.1/sockutils.c:426:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char TmpBuffer[100]; data/libpcap-1.9.1/sockutils.c:427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char SocketErrorMessage[SOCK_ERRBUF_SIZE]; data/libpcap-1.9.1/sockutils.c:527:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostport[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/sockutils.c:920:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempbuf + (*offset), buffer, size); data/libpcap-1.9.1/sockutils.c:1199:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[TEMP_BUF_SIZE]; /* network buffer, to be used when the message is discarded */ data/libpcap-1.9.1/sockutils.c:1622:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in)); data/libpcap-1.9.1/sockutils.c:1624:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sockaddr, addrinfo->ai_addr, sizeof(struct sockaddr_in6)); data/libpcap-1.9.1/testprogs/can_set_rfmon_test.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/capturetest.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/filtertest.c:95:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDONLY|O_BINARY); data/libpcap-1.9.1/testprogs/findalldevstest.c:39:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char errbuf[ERRBUF_SIZE+1]; data/libpcap-1.9.1/testprogs/findalldevstest.c:63:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char password[128+1]; data/libpcap-1.9.1/testprogs/findalldevstest.c:103:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuf[PCAP_ERRBUF_SIZE+1]; data/libpcap-1.9.1/testprogs/findalldevstest.c:106:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char username[128+1]; data/libpcap-1.9.1/testprogs/findalldevstest.c:171:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipv4_buf[INET_ADDRSTRLEN]; data/libpcap-1.9.1/testprogs/findalldevstest.c:172:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipv6_buf[INET6_ADDRSTRLEN]; data/libpcap-1.9.1/testprogs/findalldevstest.c:303:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char output[IPTOSBUFFERS][3*4+3+1]; data/libpcap-1.9.1/testprogs/findalldevstest.c:309:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(output[which], "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); data/libpcap-1.9.1/testprogs/opentest.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/opentest.c:109:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bufsize = atoi(optarg)*1024; data/libpcap-1.9.1/testprogs/reactivatetest.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/selpolltest.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/threadsignaltest.c:85:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char errbuf[ERRBUF_SIZE+1]; data/libpcap-1.9.1/testprogs/threadsignaltest.c:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/testprogs/unix.h:46:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open _open data/libpcap-1.9.1/testprogs/valgrindtest.c:128:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDONLY|O_BINARY); data/libpcap-1.9.1/testprogs/valgrindtest.c:234:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ebuf[PCAP_ERRBUF_SIZE]; data/libpcap-1.9.1/etherent.c:62:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(f); data/libpcap-1.9.1/etherent.c:74:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(f); data/libpcap-1.9.1/etherent.c:110:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/libpcap-1.9.1/etherent.c:116:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/libpcap-1.9.1/etherent.c:123:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/libpcap-1.9.1/etherent.c:156:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/libpcap-1.9.1/fad-gifc.c:268:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrflags.ifr_name, ifrp->ifr_name, data/libpcap-1.9.1/fad-gifc.c:284:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrnetmask.ifr_name, ifrp->ifr_name, data/libpcap-1.9.1/fad-gifc.c:314:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrbroadaddr.ifr_name, ifrp->ifr_name, data/libpcap-1.9.1/fad-gifc.c:353:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrdstaddr.ifr_name, ifrp->ifr_name, data/libpcap-1.9.1/fad-glifc.c:196:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrflags.lifr_name, ifrp->lifr_name, data/libpcap-1.9.1/fad-glifc.c:212:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrnetmask.lifr_name, ifrp->lifr_name, data/libpcap-1.9.1/fad-glifc.c:239:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrbroadaddr.lifr_name, ifrp->lifr_name, data/libpcap-1.9.1/fad-glifc.c:274:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifrdstaddr.lifr_name, ifrp->lifr_name, data/libpcap-1.9.1/fmtutils.c:72:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msglen = strlen(errbuf); data/libpcap-1.9.1/fmtutils.c:166:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msglen = strlen(errbuf); data/libpcap-1.9.1/gencode.c:658:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(s) + 1; data/libpcap-1.9.1/gencode.c:8359:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ifname) >= len) { data/libpcap-1.9.1/gencode.c:8364:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). b0 = gen_bcmp(cstate, OR_LINKHDR, off, (u_int)strlen(ifname), data/libpcap-1.9.1/gencode.c:8387:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ruleset) >= sizeof(((struct pfloghdr *)0)->ruleset)) { data/libpcap-1.9.1/gencode.c:8394:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (u_int)strlen(ruleset), (const u_char *)ruleset); data/libpcap-1.9.1/lbl/os-sunos4.h:28:5: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int fgetc(FILE *); data/libpcap-1.9.1/lbl/os-sunos4.h:45:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read(int, char *, u_int); data/libpcap-1.9.1/missing/snprintf.c:228:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). width -= strlen((char *)arg); data/libpcap-1.9.1/missing/strlcat.c:50:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(dlen + strlen(src)); data/libpcap-1.9.1/msdos/bin2c.c:34:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ch = fgetc(inFile)) != EOF) data/libpcap-1.9.1/pcap-bpf.c:624:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); data/libpcap-1.9.1/pcap-bpf.c:831:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifr.ifr_name, p->opt.device, sizeof(ifr.ifr_name)); data/libpcap-1.9.1/pcap-bpf.c:986:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(p->fd, p->buffer, p->bufsize); data/libpcap-1.9.1/pcap-bpf.c:1441:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(req.ifm_name, pb->device, data/libpcap-1.9.1/pcap-bpf.c:1455:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifr.ifr_name, data/libpcap-1.9.1/pcap-bpf.c:1833:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). wltdev = malloc(strlen(p->opt.device) + 2); data/libpcap-1.9.1/pcap-bpf.c:1998:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifrname, p->opt.device, ifnamsiz); data/libpcap-1.9.1/pcap-bpf.c:2029:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifrname, p->opt.device, ifnamsiz); data/libpcap-1.9.1/pcap-bpf.c:2062:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifrname, p->opt.device, ifnamsiz); data/libpcap-1.9.1/pcap-bpf.c:2609:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). en_name_len = strlen(name) - 1; data/libpcap-1.9.1/pcap-bpf.c:2760:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(req.ifm_name, name, sizeof(req.ifm_name)); data/libpcap-1.9.1/pcap-bpf.c:2887:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(req.ifm_name, p->opt.device, sizeof req.ifm_name); data/libpcap-1.9.1/pcap-bpf.c:2997:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifr.ifr_name, p->opt.device, data/libpcap-1.9.1/pcap-dag.c:424:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(p->errbuf, "dag_read: record too small", PCAP_ERRBUF_SIZE); data/libpcap-1.9.1/pcap-dag.c:758:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newDev = (char *)malloc(strlen(device) + 16); data/libpcap-1.9.1/pcap-dag.c:767:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (dag_parse_name(device, newDev, strlen(device) + 16, &pd->dag_stream) < 0) { data/libpcap-1.9.1/pcap-dag.c:1212:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(p->errbuf, "setfilter: No filter specified", data/libpcap-1.9.1/pcap-dbus.c:290:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dbus_bus_add_match(handlep->conn, rules[i] + strlen(EAVESDROPPING_RULE), &error); data/libpcap-1.9.1/pcap-dlpi.c:881:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = device + strlen(device) - 1; data/libpcap-1.9.1/pcap-dlpi.c:1867:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(fd, buf, len); data/libpcap-1.9.1/pcap-enet.c:66:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((cc = read(if_fd, (char *)buf.p, sizeof(buf))) < 0) data/libpcap-1.9.1/pcap-linux.c:1538:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(device) >= sizeof(ifr.ifr_name)) { data/libpcap-1.9.1/pcap-netfilter-linux.c:497:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(dev, NFLOG_IFACE, strlen(NFLOG_IFACE)) == 0) { data/libpcap-1.9.1/pcap-netfilter-linux.c:498:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dev += strlen(NFLOG_IFACE); data/libpcap-1.9.1/pcap-netfilter-linux.c:501:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strncmp(dev, NFQUEUE_IFACE, strlen(NFQUEUE_IFACE)) == 0) { data/libpcap-1.9.1/pcap-netfilter-linux.c:502:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dev += strlen(NFQUEUE_IFACE); data/libpcap-1.9.1/pcap-netmap.c:145:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, d->req.nr_name, sizeof(ifr.ifr_name)); data/libpcap-1.9.1/pcap-new.c:89:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(source) > PCAP_BUF_SIZE) data/libpcap-1.9.1/pcap-new.c:194:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). stringlen = strlen(name); data/libpcap-1.9.1/pcap-new.c:213:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathlen = strlen(path); data/libpcap-1.9.1/pcap-new.c:250:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pathlen + strlen(filedata.cFileName) >= sizeof(filename)) data/libpcap-1.9.1/pcap-new.c:254:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pathlen + strlen(filedata->d_name) >= sizeof(filename)) data/libpcap-1.9.1/pcap-new.c:371:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(source) > PCAP_BUF_SIZE) data/libpcap-1.9.1/pcap-nit.c:113:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(p->fd, (char *)p->buffer, p->bufsize); data/libpcap-1.9.1/pcap-nit.c:206:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sa.sa_data, device, sizeof(sa.sa_data)); data/libpcap-1.9.1/pcap-nit.c:299:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(snit.snit_ifname, p->opt.device, NITIFSIZ); data/libpcap-1.9.1/pcap-npf.c:449:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). res = PacketSetDumpName(pw->adapter, filename, (int)strlen(filename)); data/libpcap-1.9.1/pcap-npf.c:1840:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name += strlen(name) + 1; data/libpcap-1.9.1/pcap-npf.c:1841:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). desc += strlen(desc) + 1; data/libpcap-1.9.1/pcap-npf.c:1923:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(tAstr) + 1; data/libpcap-1.9.1/pcap-npf.c:1960:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). desclen = strlen(tAstr) + 1; data/libpcap-1.9.1/pcap-pf.c:115:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(pc->fd, (char *)pc->buffer + pc->offset, pc->bufsize); data/libpcap-1.9.1/pcap-rdmasniff.c:375:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(device); data/libpcap-1.9.1/pcap-rdmasniff.c:390:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dev_list[i]->name) == namelen && data/libpcap-1.9.1/pcap-rpcap.c:1859:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_length = strlen(auth->username); data/libpcap-1.9.1/pcap-rpcap.c:1869:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_length = strlen(auth->password); data/libpcap-1.9.1/pcap-rpcap.c:1912:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rpauth->slen1 = (uint16)strlen(auth->username); data/libpcap-1.9.1/pcap-rpcap.c:1921:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rpauth->slen2 = (uint16)strlen(auth->password); data/libpcap-1.9.1/pcap-rpcap.c:2255:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). RPCAP_MSG_OPEN_REQ, 0, (uint32) strlen(iface)); data/libpcap-1.9.1/pcap-rpcap.c:2257:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sock_bufferize(iface, (int) strlen(iface), sendbuf, &sendbufidx, data/libpcap-1.9.1/pcap-rpcap.c:2900:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = len + strlen(hoststr) + 1 /* the separator */; data/libpcap-1.9.1/pcap-septel.c:287:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(p->errbuf, "setfilter: No filter specified", data/libpcap-1.9.1/pcap-sita.c:90:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (iff->name && (strlen(iff->name) > longest_name_len)) longest_name_len = strlen(iff->name); data/libpcap-1.9.1/pcap-sita.c:90:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (iff->name && (strlen(iff->name) > longest_name_len)) longest_name_len = strlen(iff->name); data/libpcap-1.9.1/pcap-sita.c:278:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pos == strlen(buf)) /* if there is nothing but white space on the line */ data/libpcap-1.9.1/pcap-sita.c:295:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((ptr2 = (char *)malloc(strlen(ptr) + 1)) == NULL) { data/libpcap-1.9.1/pcap-sita.c:437:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = malloc(strlen(IOPname) + 1); /* get memory for the IOP's name */ data/libpcap-1.9.1/pcap-sita.c:481:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name = malloc(strlen(buf) + 1); /* get memory for that name */ data/libpcap-1.9.1/pcap-sita.c:512:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s1_p1_len = strlen(s1); /* the prefix length is the length of the string itself */ data/libpcap-1.9.1/pcap-sita.c:519:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s2_p1_len = strlen(s2); data/libpcap-1.9.1/pcap-sita.c:522:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str1, s1, (s1_p1_len > sizeof(str1)) ? s1_p1_len : sizeof(str1)); *(str1 + s1_p1_len) = 0; data/libpcap-1.9.1/pcap-sita.c:523:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str2, s2, (s2_p1_len > sizeof(str2)) ? s2_p1_len : sizeof(str2)); *(str2 + s2_p1_len) = 0; data/libpcap-1.9.1/pcap-sita.c:706:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bigger_buffer = realloc(iff->name, strlen(newname) + 1)); data/libpcap-1.9.1/pcap-sita.c:853:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send_to_fd(u->fd, strlen(p->IOPname)+1, (unsigned char *)p->IOPname); /* send the IOP's interface name, and a terminating null */ data/libpcap-1.9.1/pcap-sita.c:1062:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(errbuf, ""); data/libpcap-1.9.1/pcap-snf.c:202:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(p->errbuf, "setfilter: No filter specified", data/libpcap-1.9.1/pcap-snf.c:536:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). devlen = strlen(device) + 1; data/libpcap-1.9.1/pcap-snit.c:129:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(p->fd, (char *)p->buffer, p->bufsize); data/libpcap-1.9.1/pcap-snit.c:370:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, p->opt.device, sizeof(ifr.ifr_name)); data/libpcap-1.9.1/pcap-snoop.c:87:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(p->fd, (char *)p->buffer, p->bufsize); data/libpcap-1.9.1/pcap-snoop.c:222:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(sr.sr_ifname, p->opt.device, sizeof(sr.sr_ifname)); data/libpcap-1.9.1/pcap-snoop.c:344:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void)strncpy(ifr.ifr_name, p->opt.device, sizeof(ifr.ifr_name)); data/libpcap-1.9.1/pcap-tc.c:290:16: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (res + 1 + _tcslen(lpFileName) + 1 < MAX_PATH) data/libpcap-1.9.1/pcap-tc.c:294:47: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(&fullFileName[res + 1], lpFileName, (_tcslen(lpFileName) + 1) * sizeof(TCHAR)); data/libpcap-1.9.1/pcap-tc.c:508:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newIf->name = (char*)malloc(strlen(name) + 1); data/libpcap-1.9.1/pcap-tc.c:515:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newIf->description = (char*)malloc(strlen(description) + 1); data/libpcap-1.9.1/pcap-tc.c:1111:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(p->errbuf, "setfilter: No filter specified", sizeof(p->errbuf)); data/libpcap-1.9.1/pcap-usb-linux.c:292:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). usb_mon_prefix_len = strlen(usb_mon_prefix); data/libpcap-1.9.1/pcap-usb-linux.c:363:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/libpcap-1.9.1/pcap-usb-linux.c:845:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(handle->fd, line, USB_LINE_LEN - 1); data/libpcap-1.9.1/pcap-usb-linux.c:1063:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd, string, USB_LINE_LEN-1); data/libpcap-1.9.1/pcap.c:656:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = dev->name + strlen(dev->name) - 1; data/libpcap-1.9.1/pcap.c:1853:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). port_len = strlen(parsep); data/libpcap-1.9.1/pcap.c:2107:13: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = wcslen((wchar_t *)device); data/libpcap-1.9.1/pcap.c:2620:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(device, PCAP_SRC_IF_STRING, strlen(PCAP_SRC_IF_STRING)) == 0) { data/libpcap-1.9.1/pcap.c:2621:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(device) - strlen(PCAP_SRC_IF_STRING) + 1; data/libpcap-1.9.1/pcap.c:2621:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(device) - strlen(PCAP_SRC_IF_STRING) + 1; data/libpcap-1.9.1/pcap.c:2624:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). device += strlen(PCAP_SRC_IF_STRING); data/libpcap-1.9.1/rpcap-protocol.c:87:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = (uint16)strlen(error); data/libpcap-1.9.1/rpcapd/daemon.c:1373:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). replylen += strlen(d->description); data/libpcap-1.9.1/rpcapd/daemon.c:1375:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). replylen += strlen(d->name); data/libpcap-1.9.1/rpcapd/daemon.c:1421:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (d->description) ldescr = (short) strlen(d->description); data/libpcap-1.9.1/rpcapd/daemon.c:1423:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (d->name) lname = (short) strlen(d->name); data/libpcap-1.9.1/rpcapd/fileconf.c:86:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). linelen = strlen(line); data/libpcap-1.9.1/rpcapd/fileconf.c:104:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((c = getc(fp)) != '\n') data/libpcap-1.9.1/rpcapd/fileconf.c:385:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). eos = hostlist + strlen(hostlist); data/libpcap-1.9.1/rpcapd/fileconf.c:501:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(temphostlist, hostlist, MAX_HOST_LIST); data/libpcap-1.9.1/rpcapd/rpcapd.c:183:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(address, RPCAP_DEFAULT_NETADDR, MAX_LINE); data/libpcap-1.9.1/rpcapd/rpcapd.c:184:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(port, RPCAP_DEFAULT_NETPORT, MAX_LINE); data/libpcap-1.9.1/rpcapd/rpcapd.c:203:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(address, optarg, MAX_LINE); data/libpcap-1.9.1/rpcapd/rpcapd.c:206:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(port, optarg, MAX_LINE); data/libpcap-1.9.1/rpcapd/rpcapd.c:234:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(hostlist, optarg, sizeof(hostlist)); data/libpcap-1.9.1/sockutils.c:443:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msglen = strlen(errbufptr); data/libpcap-1.9.1/testprogs/can_set_rfmon_test.c:90:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/capturetest.c:242:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/capturetest.c:261:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/capturetest.c:283:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(*p++) + 1; data/libpcap-1.9.1/testprogs/filtertest.c:106:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(fd, cp, (u_int)buf.st_size); data/libpcap-1.9.1/testprogs/filtertest.c:134:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/filtertest.c:153:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/filtertest.c:175:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(*p++) + 1; data/libpcap-1.9.1/testprogs/findalldevstest.c:49:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). errlen = strlen(errbuf); data/libpcap-1.9.1/testprogs/opentest.c:213:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/opentest.c:232:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/reactivatetest.c:82:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/selpolltest.c:386:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/selpolltest.c:405:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/selpolltest.c:427:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(*p++) + 1; data/libpcap-1.9.1/testprogs/threadsignaltest.c:95:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). errlen = strlen(errbuf); data/libpcap-1.9.1/testprogs/threadsignaltest.c:336:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/threadsignaltest.c:355:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/threadsignaltest.c:377:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(*p++) + 1; data/libpcap-1.9.1/testprogs/unix.h:53:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define read _read data/libpcap-1.9.1/testprogs/valgrindtest.c:139:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc = read(fd, cp, (u_int)buf.st_size); data/libpcap-1.9.1/testprogs/valgrindtest.c:167:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/valgrindtest.c:186:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fmt += strlen(fmt); data/libpcap-1.9.1/testprogs/valgrindtest.c:208:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(*p++) + 1; ANALYSIS SUMMARY: Hits = 536 Lines analyzed = 78149 in approximately 2.17 seconds (36009 lines/second) Physical Source Lines of Code (SLOC) = 44182 Hits@level = [0] 274 [1] 153 [2] 303 [3] 24 [4] 54 [5] 2 Hits@level+ = [0+] 810 [1+] 536 [2+] 383 [3+] 80 [4+] 56 [5+] 2 Hits/KSLOC@level+ = [0+] 18.3333 [1+] 12.1316 [2+] 8.66869 [3+] 1.81069 [4+] 1.26748 [5+] 0.0452673 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.