Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libzeep-5.0.2/examples/http-server-0.cpp Examining data/libzeep-5.0.2/examples/http-server-1.cpp Examining data/libzeep-5.0.2/examples/http-server-2.cpp Examining data/libzeep-5.0.2/examples/rest-sample-2.cpp Examining data/libzeep-5.0.2/examples/rest-sample.cpp Examining data/libzeep-5.0.2/examples/security-sample.cpp Examining data/libzeep-5.0.2/examples/serialize-xml.cpp Examining data/libzeep-5.0.2/examples/synopsis-el-1.cpp Examining data/libzeep-5.0.2/examples/synopsis-json.cpp Examining data/libzeep-5.0.2/examples/synopsis-xml.cpp Examining data/libzeep-5.0.2/examples/validating-xml-sample.cpp Examining data/libzeep-5.0.2/examples/xpath-sample.cpp Examining data/libzeep-5.0.2/include/zeep/config.hpp Examining data/libzeep-5.0.2/include/zeep/crypto.hpp Examining data/libzeep-5.0.2/include/zeep/exception.hpp Examining data/libzeep-5.0.2/include/zeep/http/connection.hpp Examining data/libzeep-5.0.2/include/zeep/http/controller.hpp Examining data/libzeep-5.0.2/include/zeep/http/daemon.hpp Examining data/libzeep-5.0.2/include/zeep/http/el-processing.hpp Examining data/libzeep-5.0.2/include/zeep/http/error-handler.hpp Examining data/libzeep-5.0.2/include/zeep/http/header.hpp Examining data/libzeep-5.0.2/include/zeep/http/html-controller.hpp Examining data/libzeep-5.0.2/include/zeep/http/login-controller.hpp Examining data/libzeep-5.0.2/include/zeep/http/message-parser.hpp Examining data/libzeep-5.0.2/include/zeep/http/preforked-server.hpp Examining data/libzeep-5.0.2/include/zeep/http/reply.hpp Examining data/libzeep-5.0.2/include/zeep/http/request.hpp Examining data/libzeep-5.0.2/include/zeep/http/rest-controller.hpp Examining data/libzeep-5.0.2/include/zeep/http/security.hpp Examining data/libzeep-5.0.2/include/zeep/http/server.hpp Examining data/libzeep-5.0.2/include/zeep/http/soap-controller.hpp Examining data/libzeep-5.0.2/include/zeep/http/tag-processor.hpp Examining data/libzeep-5.0.2/include/zeep/http/template-processor.hpp Examining data/libzeep-5.0.2/include/zeep/json/element.hpp Examining data/libzeep-5.0.2/include/zeep/json/element_fwd.hpp Examining data/libzeep-5.0.2/include/zeep/json/factory.hpp Examining data/libzeep-5.0.2/include/zeep/json/from_element.hpp Examining data/libzeep-5.0.2/include/zeep/json/iterator.hpp Examining data/libzeep-5.0.2/include/zeep/json/parser.hpp Examining data/libzeep-5.0.2/include/zeep/json/serializer.hpp Examining data/libzeep-5.0.2/include/zeep/json/to_element.hpp Examining data/libzeep-5.0.2/include/zeep/json/type_traits.hpp Examining data/libzeep-5.0.2/include/zeep/nvp.hpp Examining data/libzeep-5.0.2/include/zeep/streambuf.hpp Examining data/libzeep-5.0.2/include/zeep/type-traits.hpp Examining data/libzeep-5.0.2/include/zeep/unicode-support.hpp Examining data/libzeep-5.0.2/include/zeep/value-serializer.hpp Examining data/libzeep-5.0.2/include/zeep/xml/character-classification.hpp Examining data/libzeep-5.0.2/include/zeep/xml/doctype.hpp Examining data/libzeep-5.0.2/include/zeep/xml/document.hpp Examining data/libzeep-5.0.2/include/zeep/xml/node.hpp Examining data/libzeep-5.0.2/include/zeep/xml/parser.hpp Examining data/libzeep-5.0.2/include/zeep/xml/serialize.hpp Examining data/libzeep-5.0.2/include/zeep/xml/xpath.hpp Examining data/libzeep-5.0.2/lib-http/src/connection.cpp Examining data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp Examining data/libzeep-5.0.2/lib-http/src/controller.cpp Examining data/libzeep-5.0.2/lib-http/src/crypto.cpp Examining data/libzeep-5.0.2/lib-http/src/daemon.cpp Examining data/libzeep-5.0.2/lib-http/src/el-processing.cpp Examining data/libzeep-5.0.2/lib-http/src/error-handler.cpp Examining data/libzeep-5.0.2/lib-http/src/format.cpp Examining data/libzeep-5.0.2/lib-http/src/format.hpp Examining data/libzeep-5.0.2/lib-http/src/glob.cpp Examining data/libzeep-5.0.2/lib-http/src/glob.hpp Examining data/libzeep-5.0.2/lib-http/src/html-controller.cpp Examining data/libzeep-5.0.2/lib-http/src/login-controller.cpp Examining data/libzeep-5.0.2/lib-http/src/message-parser.cpp Examining data/libzeep-5.0.2/lib-http/src/preforked-server.cpp Examining data/libzeep-5.0.2/lib-http/src/reply.cpp Examining data/libzeep-5.0.2/lib-http/src/request.cpp Examining data/libzeep-5.0.2/lib-http/src/rest-controller.cpp Examining data/libzeep-5.0.2/lib-http/src/security.cpp Examining data/libzeep-5.0.2/lib-http/src/server.cpp Examining data/libzeep-5.0.2/lib-http/src/soap-controller.cpp Examining data/libzeep-5.0.2/lib-http/src/tag-processor-v2.cpp Examining data/libzeep-5.0.2/lib-http/src/tag-processor.cpp Examining data/libzeep-5.0.2/lib-http/src/template-processor.cpp Examining data/libzeep-5.0.2/lib-http/test/client-test-code.cpp Examining data/libzeep-5.0.2/lib-http/test/client-test-code.hpp Examining data/libzeep-5.0.2/lib-http/test/crypto-test.cpp Examining data/libzeep-5.0.2/lib-http/test/http-test.cpp Examining data/libzeep-5.0.2/lib-http/test/processor-test.cpp Examining data/libzeep-5.0.2/lib-http/test/rest-test.cpp Examining data/libzeep-5.0.2/lib-http/test/rsrc_webapp-test.cpp Examining data/libzeep-5.0.2/lib-http/test/soap-test.cpp Examining data/libzeep-5.0.2/lib-http/test/webapp-test.cpp Examining data/libzeep-5.0.2/lib-json/src/element.cpp Examining data/libzeep-5.0.2/lib-json/src/json-parser.cpp Examining data/libzeep-5.0.2/lib-json/test/json-test.cpp Examining data/libzeep-5.0.2/lib-xml/src/character-classification.cpp Examining data/libzeep-5.0.2/lib-xml/src/doctype.cpp Examining data/libzeep-5.0.2/lib-xml/src/document.cpp Examining data/libzeep-5.0.2/lib-xml/src/node.cpp Examining data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp Examining data/libzeep-5.0.2/lib-xml/src/xpath.cpp Examining data/libzeep-5.0.2/lib-xml/test/parser-test.cpp Examining data/libzeep-5.0.2/lib-xml/test/serializer-test.cpp Examining data/libzeep-5.0.2/lib-xml/test/unit-test.cpp Examining data/libzeep-5.0.2/lib-xml/test/xpath-test.cpp FINAL RESULTS: data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp:429:10: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. int r = readlink("/proc/self/exe", exePath, PATH_MAX); data/libzeep-5.0.2/lib-http/src/daemon.cpp:486:7: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(("/proc/" + std::to_string(pid) + "/exe").c_str(), path, sizeof(path)) > 0) data/libzeep-5.0.2/lib-http/src/daemon.cpp:489:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink("/proc/self/exe", exe, sizeof(exe)) == -1) data/libzeep-5.0.2/include/zeep/http/connection.hpp:38:26: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void handle_read(boost::system::error_code ec, size_t bytes_transferred); data/libzeep-5.0.2/include/zeep/http/connection.hpp:39:27: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void handle_write(boost::system::error_code ec, size_t bytes_transferred); data/libzeep-5.0.2/include/zeep/http/server.hpp:171:28: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void handle_accept(boost::system::error_code ec); data/libzeep-5.0.2/lib-http/src/connection.cpp:33:36: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:37:37: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void connection::handle_read(boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:67:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:77:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:84:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:90:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void connection::handle_write(boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:99:38: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/connection.cpp:113:39: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred) data/libzeep-5.0.2/lib-http/src/daemon.cpp:195:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code ec; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:129:34: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void handle_accept(const boost::system::error_code& ec); data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:240:48: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void child_process::handle_accept(const boost::system::error_code& ec) data/libzeep-5.0.2/lib-http/src/server.cpp:85:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [this](boost::system::error_code ec) { this->handle_accept(ec); }); data/libzeep-5.0.2/lib-http/src/server.cpp:123:35: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. void server::handle_accept(boost::system::error_code ec) data/libzeep-5.0.2/lib-http/src/server.cpp:130:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. [this](boost::system::error_code ec) { this->handle_accept(ec); }); data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:32:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code ignored_error; data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:41:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code error; data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:48:17: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. throw boost::system::system_error(error); // Some other error. data/libzeep-5.0.2/include/zeep/http/reply.hpp:174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_size_buffer[8]; ///< to store the string with the size for chunked encoding data/libzeep-5.0.2/include/zeep/http/request.hpp:271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_version[3]; ///< The version string data/libzeep-5.0.2/include/zeep/unicode-support.hpp:75:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[2] = { data/libzeep-5.0.2/include/zeep/unicode-support.hpp:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[3] = { data/libzeep-5.0.2/include/zeep/unicode-support.hpp:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[4] = { data/libzeep-5.0.2/include/zeep/unicode-support.hpp:152:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[3]; data/libzeep-5.0.2/include/zeep/unicode-support.hpp:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[sizeof(i) * 2 + 3]; data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp:428:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exePath[PATH_MAX + 1]; data/libzeep-5.0.2/lib-http/src/crypto.cpp:181:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[4] = { '=', '=', '=', '=' }; data/libzeep-5.0.2/lib-http/src/crypto.cpp:436:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char kURLAcceptable[96] = data/libzeep-5.0.2/lib-http/src/crypto.cpp:475:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[4 * 4]; data/libzeep-5.0.2/lib-http/src/crypto.cpp:681:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, &l, sizeof(l)); data/libzeep-5.0.2/lib-http/src/crypto.cpp:702:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w.s, data, 64); data/libzeep-5.0.2/lib-http/src/crypto.cpp:764:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(const_cast<char*>(result.data()), &m_h, digest_size); data/libzeep-5.0.2/lib-http/src/crypto.cpp:806:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, &l, sizeof(l)); data/libzeep-5.0.2/lib-http/src/crypto.cpp:842:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(w.w, data, 64); data/libzeep-5.0.2/lib-http/src/crypto.cpp:889:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(const_cast<char*>(result.data()), &m_h, digest_size); data/libzeep-5.0.2/lib-http/src/crypto.cpp:959:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_data + m_data_length, p, n); data/libzeep-5.0.2/lib-http/src/crypto.cpp:981:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_data, p, length); data/libzeep-5.0.2/lib-http/src/daemon.cpp:83:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). acceptor.open(endpoint.protocol()); data/libzeep-5.0.2/lib-http/src/daemon.cpp:200:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). acceptor.open(endpoint.protocol()); data/libzeep-5.0.2/lib-http/src/daemon.cpp:297:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("/dev/null", O_RDONLY); data/libzeep-5.0.2/lib-http/src/daemon.cpp:303:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd_out = open(m_stdout_log_file.c_str(), O_CREAT|O_APPEND|O_RDWR, 0644); data/libzeep-5.0.2/lib-http/src/daemon.cpp:316:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_err = open(m_stderr_log_file.c_str(), O_CREAT|O_APPEND|O_RDWR, 0644); data/libzeep-5.0.2/lib-http/src/daemon.cpp:485:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[PATH_MAX] = ""; data/libzeep-5.0.2/lib-http/src/daemon.cpp:488:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[PATH_MAX] = ""; data/libzeep-5.0.2/lib-http/src/el-processing.cpp:399:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[5]; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control[16]; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control[CMSG_SPACE(sizeof(int))]; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:259:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control[16]; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:261:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control[CMSG_SPACE(sizeof(native_handle_type))]; data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:341:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). acceptor.open(endpoint.protocol()); data/libzeep-5.0.2/lib-http/src/reply.cpp:196:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[10240]; data/libzeep-5.0.2/lib-http/src/server.cpp:80:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_acceptor->open(endpoint.protocol()); data/libzeep-5.0.2/lib-http/src/template-processor.cpp:225:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024] = ""; data/libzeep-5.0.2/lib-json/src/element.cpp:805:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char kHex[17] = "0123456789abcdef"; data/libzeep-5.0.2/lib-json/src/json-parser.cpp:110:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[3]; data/libzeep-5.0.2/lib-json/src/json-parser.cpp:179:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[2] = { data/libzeep-5.0.2/lib-json/src/json-parser.cpp:186:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[3] = { data/libzeep-5.0.2/lib-json/src/json-parser.cpp:194:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[4] = { data/libzeep-5.0.2/lib-xml/src/document.cpp:365:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file->open(m_dtd_dir + '/' + path, std::ios::binary); data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:281:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[3]; data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:2997:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ++open; data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:3002:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). --open; data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:3110:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open != 0) data/libzeep-5.0.2/lib-xml/src/xpath.cpp:1859:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ch[5]; data/libzeep-5.0.2/include/zeep/streambuf.hpp:40:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). : m_begin(buffer), m_end(buffer + strlen(buffer)), m_current(buffer) data/libzeep-5.0.2/include/zeep/unicode-support.hpp:60:37: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. for (std::string::size_type i = 0; equal and i < a.length(); ++i) data/libzeep-5.0.2/include/zeep/unicode-support.hpp:63:9: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return equal; data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:197:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0 or strcmp(name, ".") == 0) data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:209:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0 or strcmp(name, ".") == 0) data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:310:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0 or strcmp(name, ".") == 0) data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:322:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (std::strlen(name) == 0 or std::strcmp(name, ".") == 0) data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:389:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0 or strcmp(name, ".") == 0) data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:408:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0 or strcmp(name, ".") == 0) data/libzeep-5.0.2/lib-http/src/request.cpp:198:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t nlen = strlen(name); data/libzeep-5.0.2/lib-http/src/request.cpp:252:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). std::string boundary = contentType.substr(b + strlen("boundary=")); data/libzeep-5.0.2/lib-http/src/request.cpp:463:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m_boundary = contentType.substr(b + strlen("boundary=")); data/libzeep-5.0.2/lib-http/src/template-processor.cpp:241:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(msg, lpMsgBuf, sizeof(msg)); data/libzeep-5.0.2/lib-http/test/crypto-test.cpp:100:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). BOOST_CHECK_EQUAL(len, strlen(s)); data/libzeep-5.0.2/lib-http/test/crypto-test.cpp:104:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). is.read(b.data(), len); data/libzeep-5.0.2/lib-http/test/http-test.cpp:97:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). io::stream<io::array_source> is(s, s + strlen(s)); data/libzeep-5.0.2/lib-http/test/http-test.cpp:100:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). BOOST_CHECK_EQUAL(len, strlen(s)); ANALYSIS SUMMARY: Hits = 86 Lines analyzed = 36201 in approximately 0.78 seconds (46659 lines/second) Physical Source Lines of Code (SLOC) = 25623 Hits@level = [0] 1 [1] 17 [2] 46 [3] 0 [4] 20 [5] 3 Hits@level+ = [0+] 87 [1+] 86 [2+] 69 [3+] 23 [4+] 23 [5+] 3 Hits/KSLOC@level+ = [0+] 3.39539 [1+] 3.35636 [2+] 2.69289 [3+] 0.897631 [4+] 0.897631 [5+] 0.117082 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.