Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libzeep-5.0.2/examples/http-server-0.cpp
Examining data/libzeep-5.0.2/examples/http-server-1.cpp
Examining data/libzeep-5.0.2/examples/http-server-2.cpp
Examining data/libzeep-5.0.2/examples/rest-sample-2.cpp
Examining data/libzeep-5.0.2/examples/rest-sample.cpp
Examining data/libzeep-5.0.2/examples/security-sample.cpp
Examining data/libzeep-5.0.2/examples/serialize-xml.cpp
Examining data/libzeep-5.0.2/examples/synopsis-el-1.cpp
Examining data/libzeep-5.0.2/examples/synopsis-json.cpp
Examining data/libzeep-5.0.2/examples/synopsis-xml.cpp
Examining data/libzeep-5.0.2/examples/validating-xml-sample.cpp
Examining data/libzeep-5.0.2/examples/xpath-sample.cpp
Examining data/libzeep-5.0.2/include/zeep/config.hpp
Examining data/libzeep-5.0.2/include/zeep/crypto.hpp
Examining data/libzeep-5.0.2/include/zeep/exception.hpp
Examining data/libzeep-5.0.2/include/zeep/http/connection.hpp
Examining data/libzeep-5.0.2/include/zeep/http/controller.hpp
Examining data/libzeep-5.0.2/include/zeep/http/daemon.hpp
Examining data/libzeep-5.0.2/include/zeep/http/el-processing.hpp
Examining data/libzeep-5.0.2/include/zeep/http/error-handler.hpp
Examining data/libzeep-5.0.2/include/zeep/http/header.hpp
Examining data/libzeep-5.0.2/include/zeep/http/html-controller.hpp
Examining data/libzeep-5.0.2/include/zeep/http/login-controller.hpp
Examining data/libzeep-5.0.2/include/zeep/http/message-parser.hpp
Examining data/libzeep-5.0.2/include/zeep/http/preforked-server.hpp
Examining data/libzeep-5.0.2/include/zeep/http/reply.hpp
Examining data/libzeep-5.0.2/include/zeep/http/request.hpp
Examining data/libzeep-5.0.2/include/zeep/http/rest-controller.hpp
Examining data/libzeep-5.0.2/include/zeep/http/security.hpp
Examining data/libzeep-5.0.2/include/zeep/http/server.hpp
Examining data/libzeep-5.0.2/include/zeep/http/soap-controller.hpp
Examining data/libzeep-5.0.2/include/zeep/http/tag-processor.hpp
Examining data/libzeep-5.0.2/include/zeep/http/template-processor.hpp
Examining data/libzeep-5.0.2/include/zeep/json/element.hpp
Examining data/libzeep-5.0.2/include/zeep/json/element_fwd.hpp
Examining data/libzeep-5.0.2/include/zeep/json/factory.hpp
Examining data/libzeep-5.0.2/include/zeep/json/from_element.hpp
Examining data/libzeep-5.0.2/include/zeep/json/iterator.hpp
Examining data/libzeep-5.0.2/include/zeep/json/parser.hpp
Examining data/libzeep-5.0.2/include/zeep/json/serializer.hpp
Examining data/libzeep-5.0.2/include/zeep/json/to_element.hpp
Examining data/libzeep-5.0.2/include/zeep/json/type_traits.hpp
Examining data/libzeep-5.0.2/include/zeep/nvp.hpp
Examining data/libzeep-5.0.2/include/zeep/streambuf.hpp
Examining data/libzeep-5.0.2/include/zeep/type-traits.hpp
Examining data/libzeep-5.0.2/include/zeep/unicode-support.hpp
Examining data/libzeep-5.0.2/include/zeep/value-serializer.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/character-classification.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/doctype.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/document.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/node.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/parser.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/serialize.hpp
Examining data/libzeep-5.0.2/include/zeep/xml/xpath.hpp
Examining data/libzeep-5.0.2/lib-http/src/connection.cpp
Examining data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp
Examining data/libzeep-5.0.2/lib-http/src/controller.cpp
Examining data/libzeep-5.0.2/lib-http/src/crypto.cpp
Examining data/libzeep-5.0.2/lib-http/src/daemon.cpp
Examining data/libzeep-5.0.2/lib-http/src/el-processing.cpp
Examining data/libzeep-5.0.2/lib-http/src/error-handler.cpp
Examining data/libzeep-5.0.2/lib-http/src/format.cpp
Examining data/libzeep-5.0.2/lib-http/src/format.hpp
Examining data/libzeep-5.0.2/lib-http/src/glob.cpp
Examining data/libzeep-5.0.2/lib-http/src/glob.hpp
Examining data/libzeep-5.0.2/lib-http/src/html-controller.cpp
Examining data/libzeep-5.0.2/lib-http/src/login-controller.cpp
Examining data/libzeep-5.0.2/lib-http/src/message-parser.cpp
Examining data/libzeep-5.0.2/lib-http/src/preforked-server.cpp
Examining data/libzeep-5.0.2/lib-http/src/reply.cpp
Examining data/libzeep-5.0.2/lib-http/src/request.cpp
Examining data/libzeep-5.0.2/lib-http/src/rest-controller.cpp
Examining data/libzeep-5.0.2/lib-http/src/security.cpp
Examining data/libzeep-5.0.2/lib-http/src/server.cpp
Examining data/libzeep-5.0.2/lib-http/src/soap-controller.cpp
Examining data/libzeep-5.0.2/lib-http/src/tag-processor-v2.cpp
Examining data/libzeep-5.0.2/lib-http/src/tag-processor.cpp
Examining data/libzeep-5.0.2/lib-http/src/template-processor.cpp
Examining data/libzeep-5.0.2/lib-http/test/client-test-code.cpp
Examining data/libzeep-5.0.2/lib-http/test/client-test-code.hpp
Examining data/libzeep-5.0.2/lib-http/test/crypto-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/http-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/processor-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/rest-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/rsrc_webapp-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/soap-test.cpp
Examining data/libzeep-5.0.2/lib-http/test/webapp-test.cpp
Examining data/libzeep-5.0.2/lib-json/src/element.cpp
Examining data/libzeep-5.0.2/lib-json/src/json-parser.cpp
Examining data/libzeep-5.0.2/lib-json/test/json-test.cpp
Examining data/libzeep-5.0.2/lib-xml/src/character-classification.cpp
Examining data/libzeep-5.0.2/lib-xml/src/doctype.cpp
Examining data/libzeep-5.0.2/lib-xml/src/document.cpp
Examining data/libzeep-5.0.2/lib-xml/src/node.cpp
Examining data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp
Examining data/libzeep-5.0.2/lib-xml/src/xpath.cpp
Examining data/libzeep-5.0.2/lib-xml/test/parser-test.cpp
Examining data/libzeep-5.0.2/lib-xml/test/serializer-test.cpp
Examining data/libzeep-5.0.2/lib-xml/test/unit-test.cpp
Examining data/libzeep-5.0.2/lib-xml/test/xpath-test.cpp
FINAL RESULTS:
data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp:429:10: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
int r = readlink("/proc/self/exe", exePath, PATH_MAX);
data/libzeep-5.0.2/lib-http/src/daemon.cpp:486:7: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(("/proc/" + std::to_string(pid) + "/exe").c_str(), path, sizeof(path)) > 0)
data/libzeep-5.0.2/lib-http/src/daemon.cpp:489:8: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink("/proc/self/exe", exe, sizeof(exe)) == -1)
data/libzeep-5.0.2/include/zeep/http/connection.hpp:38:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_read(boost::system::error_code ec, size_t bytes_transferred);
data/libzeep-5.0.2/include/zeep/http/connection.hpp:39:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_write(boost::system::error_code ec, size_t bytes_transferred);
data/libzeep-5.0.2/include/zeep/http/server.hpp:171:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_accept(boost::system::error_code ec);
data/libzeep-5.0.2/lib-http/src/connection.cpp:33:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:37:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void connection::handle_read(boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:67:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:77:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:84:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:90:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void connection::handle_write(boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:99:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/connection.cpp:113:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[self=shared_from_this()](boost::system::error_code ec, size_t bytes_transferred)
data/libzeep-5.0.2/lib-http/src/daemon.cpp:195:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code ec;
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:129:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void handle_accept(const boost::system::error_code& ec);
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:240:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void child_process::handle_accept(const boost::system::error_code& ec)
data/libzeep-5.0.2/lib-http/src/server.cpp:85:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](boost::system::error_code ec) { this->handle_accept(ec); });
data/libzeep-5.0.2/lib-http/src/server.cpp:123:35: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void server::handle_accept(boost::system::error_code ec)
data/libzeep-5.0.2/lib-http/src/server.cpp:130:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
[this](boost::system::error_code ec) { this->handle_accept(ec); });
data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:32:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code ignored_error;
data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:41:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
boost::system::error_code error;
data/libzeep-5.0.2/lib-http/test/client-test-code.cpp:48:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
throw boost::system::system_error(error); // Some other error.
data/libzeep-5.0.2/include/zeep/http/reply.hpp:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_size_buffer[8]; ///< to store the string with the size for chunked encoding
data/libzeep-5.0.2/include/zeep/http/request.hpp:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_version[3]; ///< The version string
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[2] = {
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[3] = {
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:92:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[4] = {
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:152:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[3];
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[sizeof(i) * 2 + 3];
data/libzeep-5.0.2/lib-http/src/controller-rsrc.cpp:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exePath[PATH_MAX + 1];
data/libzeep-5.0.2/lib-http/src/crypto.cpp:181:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4] = { '=', '=', '=', '=' };
data/libzeep-5.0.2/lib-http/src/crypto.cpp:436:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char kURLAcceptable[96] =
data/libzeep-5.0.2/lib-http/src/crypto.cpp:475:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[4 * 4];
data/libzeep-5.0.2/lib-http/src/crypto.cpp:681:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, &l, sizeof(l));
data/libzeep-5.0.2/lib-http/src/crypto.cpp:702:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w.s, data, 64);
data/libzeep-5.0.2/lib-http/src/crypto.cpp:764:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(const_cast<char*>(result.data()), &m_h, digest_size);
data/libzeep-5.0.2/lib-http/src/crypto.cpp:806:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, &l, sizeof(l));
data/libzeep-5.0.2/lib-http/src/crypto.cpp:842:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w.w, data, 64);
data/libzeep-5.0.2/lib-http/src/crypto.cpp:889:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(const_cast<char*>(result.data()), &m_h, digest_size);
data/libzeep-5.0.2/lib-http/src/crypto.cpp:959:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_data + m_data_length, p, n);
data/libzeep-5.0.2/lib-http/src/crypto.cpp:981:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_data, p, length);
data/libzeep-5.0.2/lib-http/src/daemon.cpp:83:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
acceptor.open(endpoint.protocol());
data/libzeep-5.0.2/lib-http/src/daemon.cpp:200:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
acceptor.open(endpoint.protocol());
data/libzeep-5.0.2/lib-http/src/daemon.cpp:297:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_RDONLY);
data/libzeep-5.0.2/lib-http/src/daemon.cpp:303:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd_out = open(m_stdout_log_file.c_str(), O_CREAT|O_APPEND|O_RDWR, 0644);
data/libzeep-5.0.2/lib-http/src/daemon.cpp:316:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd_err = open(m_stderr_log_file.c_str(), O_CREAT|O_APPEND|O_RDWR, 0644);
data/libzeep-5.0.2/lib-http/src/daemon.cpp:485:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX] = "";
data/libzeep-5.0.2/lib-http/src/daemon.cpp:488:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exe[PATH_MAX] = "";
data/libzeep-5.0.2/lib-http/src/el-processing.cpp:399:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[5];
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:43:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[16];
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:45:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[CMSG_SPACE(sizeof(int))];
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[16];
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:261:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[CMSG_SPACE(sizeof(native_handle_type))];
data/libzeep-5.0.2/lib-http/src/preforked-server.cpp:341:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
acceptor.open(endpoint.protocol());
data/libzeep-5.0.2/lib-http/src/reply.cpp:196:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10240];
data/libzeep-5.0.2/lib-http/src/server.cpp:80:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_acceptor->open(endpoint.protocol());
data/libzeep-5.0.2/lib-http/src/template-processor.cpp:225:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[1024] = "";
data/libzeep-5.0.2/lib-json/src/element.cpp:805:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char kHex[17] = "0123456789abcdef";
data/libzeep-5.0.2/lib-json/src/json-parser.cpp:110:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[3];
data/libzeep-5.0.2/lib-json/src/json-parser.cpp:179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[2] = {
data/libzeep-5.0.2/lib-json/src/json-parser.cpp:186:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[3] = {
data/libzeep-5.0.2/lib-json/src/json-parser.cpp:194:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[4] = {
data/libzeep-5.0.2/lib-xml/src/document.cpp:365:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file->open(m_dtd_dir + '/' + path, std::ios::binary);
data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:281:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[3];
data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:2997:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
++open;
data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:3002:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
--open;
data/libzeep-5.0.2/lib-xml/src/xml-parser.cpp:3110:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open != 0)
data/libzeep-5.0.2/lib-xml/src/xpath.cpp:1859:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[5];
data/libzeep-5.0.2/include/zeep/streambuf.hpp:40:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
: m_begin(buffer), m_end(buffer + strlen(buffer)), m_current(buffer)
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:60:37: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
for (std::string::size_type i = 0; equal and i < a.length(); ++i)
data/libzeep-5.0.2/include/zeep/unicode-support.hpp:63:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:197:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 or strcmp(name, ".") == 0)
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:209:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 or strcmp(name, ".") == 0)
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:310:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 or strcmp(name, ".") == 0)
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:322:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (std::strlen(name) == 0 or std::strcmp(name, ".") == 0)
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:389:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 or strcmp(name, ".") == 0)
data/libzeep-5.0.2/include/zeep/xml/serialize.hpp:408:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 or strcmp(name, ".") == 0)
data/libzeep-5.0.2/lib-http/src/request.cpp:198:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nlen = strlen(name);
data/libzeep-5.0.2/lib-http/src/request.cpp:252:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::string boundary = contentType.substr(b + strlen("boundary="));
data/libzeep-5.0.2/lib-http/src/request.cpp:463:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m_boundary = contentType.substr(b + strlen("boundary="));
data/libzeep-5.0.2/lib-http/src/template-processor.cpp:241:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg, lpMsgBuf, sizeof(msg));
data/libzeep-5.0.2/lib-http/test/crypto-test.cpp:100:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BOOST_CHECK_EQUAL(len, strlen(s));
data/libzeep-5.0.2/lib-http/test/crypto-test.cpp:104:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
is.read(b.data(), len);
data/libzeep-5.0.2/lib-http/test/http-test.cpp:97:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
io::stream<io::array_source> is(s, s + strlen(s));
data/libzeep-5.0.2/lib-http/test/http-test.cpp:100:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BOOST_CHECK_EQUAL(len, strlen(s));
ANALYSIS SUMMARY:
Hits = 86
Lines analyzed = 36201 in approximately 0.78 seconds (46659 lines/second)
Physical Source Lines of Code (SLOC) = 25623
Hits@level = [0] 1 [1] 17 [2] 46 [3] 0 [4] 20 [5] 3
Hits@level+ = [0+] 87 [1+] 86 [2+] 69 [3+] 23 [4+] 23 [5+] 3
Hits/KSLOC@level+ = [0+] 3.39539 [1+] 3.35636 [2+] 2.69289 [3+] 0.897631 [4+] 0.897631 [5+] 0.117082
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.