Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/linuxptp-1.9.2/address.h
Examining data/linuxptp-1.9.2/bmc.c
Examining data/linuxptp-1.9.2/bmc.h
Examining data/linuxptp-1.9.2/clock.c
Examining data/linuxptp-1.9.2/clock.h
Examining data/linuxptp-1.9.2/clockadj.c
Examining data/linuxptp-1.9.2/clockadj.h
Examining data/linuxptp-1.9.2/clockcheck.c
Examining data/linuxptp-1.9.2/clockcheck.h
Examining data/linuxptp-1.9.2/config.c
Examining data/linuxptp-1.9.2/config.h
Examining data/linuxptp-1.9.2/contain.h
Examining data/linuxptp-1.9.2/ddt.h
Examining data/linuxptp-1.9.2/dm.h
Examining data/linuxptp-1.9.2/ds.h
Examining data/linuxptp-1.9.2/ether.h
Examining data/linuxptp-1.9.2/fault.c
Examining data/linuxptp-1.9.2/fault.h
Examining data/linuxptp-1.9.2/fd.h
Examining data/linuxptp-1.9.2/filter.c
Examining data/linuxptp-1.9.2/filter.h
Examining data/linuxptp-1.9.2/filter_private.h
Examining data/linuxptp-1.9.2/foreign.h
Examining data/linuxptp-1.9.2/fsm.c
Examining data/linuxptp-1.9.2/fsm.h
Examining data/linuxptp-1.9.2/hash.c
Examining data/linuxptp-1.9.2/hash.h
Examining data/linuxptp-1.9.2/hwstamp_ctl.c
Examining data/linuxptp-1.9.2/linreg.c
Examining data/linuxptp-1.9.2/linreg.h
Examining data/linuxptp-1.9.2/mave.c
Examining data/linuxptp-1.9.2/mave.h
Examining data/linuxptp-1.9.2/missing.h
Examining data/linuxptp-1.9.2/mmedian.c
Examining data/linuxptp-1.9.2/mmedian.h
Examining data/linuxptp-1.9.2/msg.c
Examining data/linuxptp-1.9.2/msg.h
Examining data/linuxptp-1.9.2/notification.h
Examining data/linuxptp-1.9.2/nsm.c
Examining data/linuxptp-1.9.2/ntpshm.c
Examining data/linuxptp-1.9.2/ntpshm.h
Examining data/linuxptp-1.9.2/nullf.c
Examining data/linuxptp-1.9.2/nullf.h
Examining data/linuxptp-1.9.2/pdt.h
Examining data/linuxptp-1.9.2/phc.c
Examining data/linuxptp-1.9.2/phc.h
Examining data/linuxptp-1.9.2/phc2sys.c
Examining data/linuxptp-1.9.2/phc_ctl.c
Examining data/linuxptp-1.9.2/pi.c
Examining data/linuxptp-1.9.2/pi.h
Examining data/linuxptp-1.9.2/pmc.c
Examining data/linuxptp-1.9.2/pmc_common.c
Examining data/linuxptp-1.9.2/pmc_common.h
Examining data/linuxptp-1.9.2/port.c
Examining data/linuxptp-1.9.2/port.h
Examining data/linuxptp-1.9.2/print.c
Examining data/linuxptp-1.9.2/print.h
Examining data/linuxptp-1.9.2/ptp4l.c
Examining data/linuxptp-1.9.2/raw.c
Examining data/linuxptp-1.9.2/raw.h
Examining data/linuxptp-1.9.2/rtnl.c
Examining data/linuxptp-1.9.2/rtnl.h
Examining data/linuxptp-1.9.2/servo.c
Examining data/linuxptp-1.9.2/servo.h
Examining data/linuxptp-1.9.2/servo_private.h
Examining data/linuxptp-1.9.2/sk.c
Examining data/linuxptp-1.9.2/sk.h
Examining data/linuxptp-1.9.2/stats.c
Examining data/linuxptp-1.9.2/stats.h
Examining data/linuxptp-1.9.2/sysoff.c
Examining data/linuxptp-1.9.2/sysoff.h
Examining data/linuxptp-1.9.2/timemaster.c
Examining data/linuxptp-1.9.2/tlv.c
Examining data/linuxptp-1.9.2/tlv.h
Examining data/linuxptp-1.9.2/tmv.h
Examining data/linuxptp-1.9.2/transport.c
Examining data/linuxptp-1.9.2/transport.h
Examining data/linuxptp-1.9.2/transport_private.h
Examining data/linuxptp-1.9.2/tsproc.c
Examining data/linuxptp-1.9.2/tsproc.h
Examining data/linuxptp-1.9.2/udp.c
Examining data/linuxptp-1.9.2/udp.h
Examining data/linuxptp-1.9.2/udp6.c
Examining data/linuxptp-1.9.2/udp6.h
Examining data/linuxptp-1.9.2/uds.c
Examining data/linuxptp-1.9.2/uds.h
Examining data/linuxptp-1.9.2/util.c
Examining data/linuxptp-1.9.2/util.h
Examining data/linuxptp-1.9.2/version.c
Examining data/linuxptp-1.9.2/version.h
FINAL RESULTS:
data/linuxptp-1.9.2/uds.c:89:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(name, UDS_FILEMODE);
data/linuxptp-1.9.2/pmc.c:196:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, IFMT "manufacturerId %s"
data/linuxptp-1.9.2/pmc.c:200:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, IFMT "revisionData %s",
data/linuxptp-1.9.2/pmc.c:202:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, IFMT "userDescription %s"
data/linuxptp-1.9.2/print.c:71:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), format, ap);
data/linuxptp-1.9.2/print.h:31:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)))
data/linuxptp-1.9.2/timemaster.c:978:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(command[0], (char **)command);
data/linuxptp-1.9.2/util.h:320:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 1, 2)))
data/linuxptp-1.9.2/util.h:333:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)))
data/linuxptp-1.9.2/clock.c:857:2: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(ts.tv_sec ^ ts.tv_nsec);
data/linuxptp-1.9.2/hwstamp_ctl.c:93:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt(argc, argv, "hi:r:t:v"))) {
data/linuxptp-1.9.2/nsm.c:514:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt_long(argc, argv, "f:hi:v", opts, &index))) {
data/linuxptp-1.9.2/phc2sys.c:1371:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt(argc, argv,
data/linuxptp-1.9.2/phc_ctl.c:515:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt(argc, argv,
data/linuxptp-1.9.2/pmc.c:707:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt_long(argc, argv, "246u""b:d:f:hi:s:t:vz",
data/linuxptp-1.9.2/port.c:326:34: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
value_ns = min_ns + (span_ns * (random() % (1 << 15) + 1) >> 15);
data/linuxptp-1.9.2/ptp4l.c:91:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt_long(argc, argv, "AEP246HSLf:i:p:sl:mqvh",
data/linuxptp-1.9.2/timemaster.c:1185:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (EOF != (c = getopt(argc, argv, "f:nl:mqvh"))) {
data/linuxptp-1.9.2/clock.c:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->events, bitmask, EVENT_BITMASK_CNT);
data/linuxptp-1.9.2/clock.c:183:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->events, bitmask, EVENT_BITMASK_CNT);
data/linuxptp-1.9.2/clock.c:199:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmask, s->events, EVENT_BITMASK_CNT);
data/linuxptp-1.9.2/clock.c:355:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text->text, c->desc.userDescription.text, text->length);
data/linuxptp-1.9.2/clock.c:359:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->data, &c->dds, sizeof(c->dds));
data/linuxptp-1.9.2/clock.c:363:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->data, &c->cur, sizeof(c->cur));
data/linuxptp-1.9.2/clock.c:367:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->data, &c->dad.pds, sizeof(c->dad.pds));
data/linuxptp-1.9.2/clock.c:371:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->data, &c->tds, sizeof(c->tds));
data/linuxptp-1.9.2/clock.c:850:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char oui[OUI_LEN];
data/linuxptp-1.9.2/clock.c:851:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phc[32], *tmp;
data/linuxptp-1.9.2/clock.c:907:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->desc.manufacturerIdentity, oui, OUI_LEN);
data/linuxptp-1.9.2/clock.c:1553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phc[32];
data/linuxptp-1.9.2/config.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[CONFIG_LABEL_SIZE];
data/linuxptp-1.9.2/config.c:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CONFIG_LABEL_SIZE + MAX_IFNAME_SIZE];
data/linuxptp-1.9.2/config.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CONFIG_LABEL_SIZE + MAX_IFNAME_SIZE];
data/linuxptp-1.9.2/config.c:439:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *str, *fault_options[2] = {
data/linuxptp-1.9.2/config.c:529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], *line, *c;
data/linuxptp-1.9.2/config.c:534:44: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = 0 == strncmp(name, "-", 2) ? stdin : fopen(name, "r");
data/linuxptp-1.9.2/config.c:561:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[17];
data/linuxptp-1.9.2/config.c:649:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CONFIG_LABEL_SIZE + 8];
data/linuxptp-1.9.2/config.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_IFNAME_SIZE + 1];
data/linuxptp-1.9.2/config.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ts_label[MAX_IFNAME_SIZE + 1];
data/linuxptp-1.9.2/fault.c:21:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *fault_type_str[FT_CNT] = {
data/linuxptp-1.9.2/hwstamp_ctl.c:100:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rxopt = atoi(optarg);
data/linuxptp-1.9.2/hwstamp_ctl.c:104:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
txopt = atoi(optarg);
data/linuxptp-1.9.2/msg.c:43:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reserved[MSG_HEADROOM];
data/linuxptp-1.9.2/nsm.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char action_str[10+1] = {0}, id_str[64+1] = {0};
data/linuxptp-1.9.2/nsm.c:361:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac[MAC_LEN];
data/linuxptp-1.9.2/nsm.c:395:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst.sll.sll_addr, mac, MAC_LEN);
data/linuxptp-1.9.2/phc.c:45:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(phc, O_RDWR);
data/linuxptp-1.9.2/phc2sys.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phc_device[16];
data/linuxptp-1.9.2/phc2sys.c:162:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(phc_device, "/dev/ptp%d", ts_info.phc_index);
data/linuxptp-1.9.2/phc2sys.c:350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ];
data/linuxptp-1.9.2/phc2sys.c:902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uds_local[MAX_IFNAME_SIZE + 1];
data/linuxptp-1.9.2/phc2sys.c:1105:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iface, ppn->interface.text, len);
data/linuxptp-1.9.2/phc2sys.c:1128:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node->clock_identity, &dds->clockIdentity,
data/linuxptp-1.9.2/phc2sys.c:1148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ];
data/linuxptp-1.9.2/phc2sys.c:1384:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pps_fd = open(optarg, O_RDONLY);
data/linuxptp-1.9.2/phc_ctl.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phc_device[16];
data/linuxptp-1.9.2/phc_ctl.c:139:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(phc_device, "/dev/ptp%d", ts_info.phc_index);
data/linuxptp-1.9.2/pmc.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/linuxptp-1.9.2/pmc.c:132:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BIN_BUF_SIZE];
data/linuxptp-1.9.2/pmc.c:624:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char action_str[10+1] = {0}, id_str[64+1] = {0};
data/linuxptp-1.9.2/pmc.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024], *command = NULL, uds_local[MAX_IFNAME_SIZE + 1];
data/linuxptp-1.9.2/pmc.c:741:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
boundary_hops = atoi(optarg);
data/linuxptp-1.9.2/pmc.c:744:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (config_set_int(cfg, "domainNumber", atoi(optarg))) {
data/linuxptp-1.9.2/pmc_common.c:299:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgt->data, data, datasize);
data/linuxptp-1.9.2/port.c:197:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(paddr->address, &m->address.sin.sin_addr.s_addr, len);
data/linuxptp-1.9.2/port.c:201:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(paddr->address, &m->address.sin6.sin6_addr.s6_addr, len);
data/linuxptp-1.9.2/port.c:205:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(paddr->address, &m->address.sll.sll_addr, len);
data/linuxptp-1.9.2/port.c:483:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fui->id, ieee8021_id, sizeof(ieee8021_id));
data/linuxptp-1.9.2/port.c:539:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head->parent_addr.address, paddr->address, paddr->addressLength);
data/linuxptp-1.9.2/port.c:624:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptt->cid, dad->ptl, ptt->length);
data/linuxptp-1.9.2/port.c:892:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cd->physicalAddress->length, &u16, 2);
data/linuxptp-1.9.2/port.c:897:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cd->protocolAddress->networkProtocol, &u16, 2);
data/linuxptp-1.9.2/port.c:900:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cd->protocolAddress->addressLength, &u16, 2);
data/linuxptp-1.9.2/port.c:905:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cd->manufacturerIdentity,
data/linuxptp-1.9.2/port.c:923:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, profile_id_p2p, PROFILE_ID_LEN);
data/linuxptp-1.9.2/port.c:925:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, profile_id_drr, PROFILE_ID_LEN);
data/linuxptp-1.9.2/port.c:1741:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dad->ptl, ptt->cid, ptt->length);
data/linuxptp-1.9.2/port.c:2440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ts_label[MAX_IFNAME_SIZE + 1] = {0};
data/linuxptp-1.9.2/print.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/linuxptp-1.9.2/raw.c:110:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mreq.mr_address, addr1, MAC_LEN);
data/linuxptp-1.9.2/raw.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mreq.mr_address, addr2, MAC_LEN);
data/linuxptp-1.9.2/raw.c:193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr->sll.sll_addr, mac, MAC_LEN);
data/linuxptp-1.9.2/raw.c:199:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, &addr->sll.sll_addr, MAC_LEN);
data/linuxptp-1.9.2/raw.c:206:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ptp_dst_mac[MAC_LEN];
data/linuxptp-1.9.2/raw.c:207:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p2p_dst_mac[MAC_LEN];
data/linuxptp-1.9.2/raw.c:300:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt[1600], *ptr = buf;
data/linuxptp-1.9.2/sk.c:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[64], buf[64], addr[8];
data/linuxptp-1.9.2/sk.c:170:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file_name, "r");
data/linuxptp-1.9.2/sk.c:197:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(guid, addr, GUID_LEN);
data/linuxptp-1.9.2/sk.c:242:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac->sll.sll_addr, &ifreq.ifr_hwaddr.sa_data, MAC_LEN);
data/linuxptp-1.9.2/sk.c:267:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin, i->ifa_addr, addr->len);
data/linuxptp-1.9.2/sk.c:271:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin6, i->ifa_addr, addr->len);
data/linuxptp-1.9.2/sk.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[256];
data/linuxptp-1.9.2/timemaster.c:501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *line, *section_name = NULL;
data/linuxptp-1.9.2/timemaster.c:519:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(path, "r");
data/linuxptp-1.9.2/timemaster.c:1016:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(config->path, "w");
data/linuxptp-1.9.2/timemaster.c:1194:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
print_set_level(atoi(optarg));
data/linuxptp-1.9.2/tlv.c:60:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &v, sizeof(v));
data/linuxptp-1.9.2/tlv.c:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &v, sizeof(v));
data/linuxptp-1.9.2/tlv.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &v, sizeof(v));
data/linuxptp-1.9.2/transport.c:37:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return t->open(t, iface, fda, tt);
data/linuxptp-1.9.2/transport_private.h:35:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(struct transport *t, struct interface *iface,
data/linuxptp-1.9.2/udp.c:73:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&req.imr_multiaddr, &sa->sin_addr, sizeof(struct in_addr));
data/linuxptp-1.9.2/udp.c:95:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int open_socket(const char *name, struct in_addr mc_addr[2], short port,
data/linuxptp-1.9.2/udp.c:225:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char junk[1600];
data/linuxptp-1.9.2/udp.c:270:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, udp->mac.sll.sll_addr, len);
data/linuxptp-1.9.2/udp.c:282:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, &udp->ip.sin.sin_addr.s_addr, len);
data/linuxptp-1.9.2/udp6.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&req.ipv6mr_multiaddr, &sa->sin6_addr, sizeof(struct in6_addr));
data/linuxptp-1.9.2/udp6.c:100:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int open_socket_ipv6(const char *name, struct in6_addr mc_addr[2], short port,
data/linuxptp-1.9.2/udp6.c:236:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char junk[1600];
data/linuxptp-1.9.2/udp6.c:278:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, udp6->mac.sll.sll_addr, len);
data/linuxptp-1.9.2/udp6.c:290:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, &udp6->ip.sin6.sin6_addr.s6_addr, len);
data/linuxptp-1.9.2/util.c:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/linuxptp-1.9.2/util.c:114:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/linuxptp-1.9.2/util.c:125:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BIN_BUF_SIZE];
data/linuxptp-1.9.2/util.c:142:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int str2mac(const char *s, unsigned char mac[MAC_LEN])
data/linuxptp-1.9.2/util.c:142:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int str2mac(const char *s, unsigned char mac[MAC_LEN])
data/linuxptp-1.9.2/util.c:144:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[MAC_LEN];
data/linuxptp-1.9.2/util.c:151:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, buf, MAC_LEN);
data/linuxptp-1.9.2/util.c:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->text, src->text, len);
data/linuxptp-1.9.2/util.c:233:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->text, src->text, src->length);
data/linuxptp-1.9.2/util.c:244:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->text, src, len);
data/linuxptp-1.9.2/util.c:259:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->text, src, len);
data/linuxptp-1.9.2/util.c:503:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*s) + len1, str, len2 + 1);
data/linuxptp-1.9.2/util.c:525:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*s) + len1, s2, len2 + 1);
data/linuxptp-1.9.2/util.h:90:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int str2mac(const char *s, unsigned char mac[MAC_LEN]);
data/linuxptp-1.9.2/util.h:90:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int str2mac(const char *s, unsigned char mac[MAC_LEN]);
data/linuxptp-1.9.2/clock.c:838:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(iface->ts_label, iface->name, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/config.c:297:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ci->label, name, CONFIG_LABEL_SIZE - 1);
data/linuxptp-1.9.2/config.c:555:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c += strlen(line) - 1;
data/linuxptp-1.9.2/config.c:562:14: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (1 != sscanf(line, " %16s", port)) {
data/linuxptp-1.9.2/config.c:640:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(iface->name, name, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/hwstamp_ctl.c:134:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifreq.ifr_name, device, sizeof(ifreq.ifr_name) - 1);
data/linuxptp-1.9.2/nsm.c:60:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strncasecmp(cmd, "HELP", strlen(cmd))) {
data/linuxptp-1.9.2/nsm.c:64:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (2 != sscanf(cmd, " %10s %64s", action_str, id_str)) {
data/linuxptp-1.9.2/nsm.c:68:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strncasecmp(action_str, "NSM", strlen(action_str))) {
data/linuxptp-1.9.2/nsm.c:272:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(iface->ts_label, iface->name, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/nsm.c:596:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(line);
data/linuxptp-1.9.2/phc2sys.c:1470:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) > MAX_IFNAME_SIZE) {
data/linuxptp-1.9.2/phc_ctl.c:460:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(all_commands[i].name)))
data/linuxptp-1.9.2/pmc.c:558:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/linuxptp-1.9.2/pmc.c:572:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, index = BAD_ID, len = strlen(s);
data/linuxptp-1.9.2/pmc.c:626:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strncasecmp(str, "HELP", strlen(str))) {
data/linuxptp-1.9.2/pmc.c:631:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (2 != sscanf(str, " %10s %64s", action_str, id_str))
data/linuxptp-1.9.2/pmc.c:634:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strncasecmp(action_str, "TARGET", strlen(action_str)))
data/linuxptp-1.9.2/pmc.c:756:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) > MAX_IFNAME_SIZE) {
data/linuxptp-1.9.2/pmc.c:876:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(line);
data/linuxptp-1.9.2/pmc_common.c:97:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(iface.name, iface_name, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/pmc_common.c:99:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(iface.ts_label, iface.name, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/port.c:2453:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p->iface->ts_label, ts_label, MAX_IFNAME_SIZE);
data/linuxptp-1.9.2/raw.c:175:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name))) {
data/linuxptp-1.9.2/sk.c:55:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifreq.ifr_name, device, sizeof(ifreq.ifr_name) - 1);
data/linuxptp-1.9.2/sk.c:99:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifreq.ifr_name, name, sizeof(ifreq.ifr_name) - 1);
data/linuxptp-1.9.2/sk.c:128:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, name, IFNAMSIZ - 1);
data/linuxptp-1.9.2/sk.c:213:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifreq.ifr_name, name, sizeof(ifreq.ifr_name) - 1);
data/linuxptp-1.9.2/timemaster.c:528:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (line = buf + strlen(buf) - 1;
data/linuxptp-1.9.2/timemaster.c:1023:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(config->content), 1, file) != 1) {
data/linuxptp-1.9.2/udp.c:123:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name))) {
data/linuxptp-1.9.2/udp6.c:130:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name))) {
data/linuxptp-1.9.2/uds.c:71:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sa.sun_path, name, sizeof(sa.sun_path) - 1);
data/linuxptp-1.9.2/uds.c:85:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sa.sun_path, uds_path, sizeof(sa.sun_path) - 1);
data/linuxptp-1.9.2/util.c:240:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src);
data/linuxptp-1.9.2/util.c:253:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(src);
data/linuxptp-1.9.2/util.c:500:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(*s);
data/linuxptp-1.9.2/util.c:501:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str);
data/linuxptp-1.9.2/util.c:513:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(*s);
ANALYSIS SUMMARY:
Hits = 167
Lines analyzed = 22436 in approximately 0.57 seconds (39634 lines/second)
Physical Source Lines of Code (SLOC) = 16108
Hits@level = [0] 154 [1] 39 [2] 110 [3] 9 [4] 8 [5] 1
Hits@level+ = [0+] 321 [1+] 167 [2+] 128 [3+] 18 [4+] 9 [5+] 1
Hits/KSLOC@level+ = [0+] 19.928 [1+] 10.3675 [2+] 7.94636 [3+] 1.11746 [4+] 0.558729 [5+] 0.062081
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.