Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netmate-0.2.0/layer2.h
Examining data/netmate-0.2.0/layer3.h
Examining data/netmate-0.2.0/layer4.h
Examining data/netmate-0.2.0/netmate.c
Examining data/netmate-0.2.0/tooltips.h
Examining data/netmate-0.2.0/win32.h
FINAL RESULTS:
data/netmate-0.2.0/layer2.h:306:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "Sent to us (unicast)");
data/netmate-0.2.0/layer2.h:309:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "Sent to us (broadcast)");
data/netmate-0.2.0/layer2.h:312:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "Sent to us (multicast)");
data/netmate-0.2.0/layer2.h:315:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "Sent to someone else (unicast)");
data/netmate-0.2.0/layer2.h:318:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "Sent by us");
data/netmate-0.2.0/layer2.h:321:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Packet Type: %u (%s)", htons(sll->sll_pkttype), "UNKNOWN");
data/netmate-0.2.0/layer2.h:326:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "ARPHRD_ Type: %u (%s)", htons(sll->sll_hatype), hardwaretype(htons(sll->sll_hatype)));
data/netmate-0.2.0/layer2.h:338:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Protocol Type: 0x%04x (%s)", htons(sll->sll_protocol), ethertype(htons(sll->sll_protocol)));
data/netmate-0.2.0/layer2.h:384:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Type: 0x%04x (%s)", htons(eth->ether_type), ethertype(htons(eth->ether_type)));
data/netmate-0.2.0/layer3.h:918:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Protocol: %u (%s)", ipv4->protocol, ipprotocol(ipv4->protocol));
data/netmate-0.2.0/layer3.h:949:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Class: %u (%s)", opttype & IPOPT_CLASS_MASK, ipv4_optclass(opttype & IPOPT_CLASS_MASK));
data/netmate-0.2.0/layer3.h:953:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Number: %u (%s)", opttype & IPOPT_NUMBER_MASK, ipv4_optnumber(opttype & IPOPT_NUMBER_MASK));
data/netmate-0.2.0/layer3.h:972:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Opt. Data 0x%s (%s)", optdata, ipv4_optdata(opttype & IPOPT_NUMBER_MASK, optdata));
data/netmate-0.2.0/layer3.h:1050:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Next Header: %u (%s)", ipv6_nh, ipprotocol(ipv6_nh));
data/netmate-0.2.0/layer3.h:1068:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Next Header: %u (%s)", ipv6_nh, ipprotocol(ipv6_nh));
data/netmate-0.2.0/layer3.h:1080:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Type: %u (%s)", opttype, ipv6_hopopt_type(opttype));
data/netmate-0.2.0/layer3.h:1093:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Data: 0x%s", optdata);
data/netmate-0.2.0/layer3.h:1140:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Hardware Type: %u (%s)", htons(arp->ar_hrd), hardwaretype(htons(arp->ar_hrd)));
data/netmate-0.2.0/layer3.h:1144:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Protocol Type: 0x%04x (%s)", htons(arp->ar_pro), ethertype(htons(arp->ar_pro)));
data/netmate-0.2.0/layer3.h:1156:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Operation: %u (%s)", htons(arp->ar_op), arp_operation(htons(arp->ar_op)));
data/netmate-0.2.0/layer3.h:1217:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Type: %u (%s)", icmp->type, icmp_type(icmp->type));
data/netmate-0.2.0/layer3.h:1221:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Code: %u (%s)", icmp->code, icmp_code(icmp->type, icmp->code));
data/netmate-0.2.0/layer3.h:1317:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Data 0x%s", optdata);
data/netmate-0.2.0/layer3.h:1368:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Type: %u (%s)", icmpv6->icmp6_type, icmpv6_type(icmpv6->icmp6_type));
data/netmate-0.2.0/layer3.h:1372:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Code: %u (%s)", icmpv6->icmp6_code, icmpv6_code(icmpv6->icmp6_type, icmpv6->icmp6_code));
data/netmate-0.2.0/layer3.h:1507:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Type: %u (%s)", opttype, icmpv6_opttype(opttype));
data/netmate-0.2.0/layer3.h:1521:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Source Link-layer Address: %s", optdata);
data/netmate-0.2.0/layer3.h:1529:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Target Link-layer Address: %s", optdata);
data/netmate-0.2.0/layer3.h:1577:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "IP Header + Data: 0x%s", optdata);
data/netmate-0.2.0/layer4.h:204:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Option Kind: %u (%s)", optkind, tcp_optkind(optkind));
data/netmate-0.2.0/layer4.h:230:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "Option Data: 0x%s", optdata);
data/netmate-0.2.0/netmate.c:209:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(label, "\n%s is not supported yet.\n\nPlease send an email to Ruport@web.de if you want it to be supported in future releases.", protocol);
data/netmate-0.2.0/netmate.c:443:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*protocol, "%s", hardwaretype(pcap_datalink(handler)));
data/netmate-0.2.0/netmate.c:477:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*protocol, "%s", ethertype(nextproto));
data/netmate-0.2.0/netmate.c:530:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(*protocol, "%s", ipprotocol(nextproto));
data/netmate-0.2.0/netmate.c:620:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(filename, F_OK ) == -1 ) {
data/netmate-0.2.0/netmate.c:792:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "NetMate v%s", VERSION);
data/netmate-0.2.0/layer2.h:295:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer2.h:330:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Link-layer Address Length: %u", htons(sll->sll_halen));
data/netmate-0.2.0/layer2.h:334:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Link-layer Address: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x", sll->sll_addr[0], sll->sll_addr[1], sll->sll_addr[2], sll->sll_addr[3], sll->sll_addr[4], sll->sll_addr[5], sll->sll_addr[6], sll->sll_addr[7]);
data/netmate-0.2.0/layer2.h:367:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer2.h:376:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination: %02x:%02x:%02x:%02x:%02x:%02x", eth->ether_dhost[0], eth->ether_dhost[1], eth->ether_dhost[2], eth->ether_dhost[3], eth->ether_dhost[4], eth->ether_dhost[5]);
data/netmate-0.2.0/layer2.h:380:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Source: %02x:%02x:%02x:%02x:%02x:%02x", eth->ether_shost[0], eth->ether_shost[1], eth->ether_shost[2], eth->ether_shost[3], eth->ether_shost[4], eth->ether_shost[5]);
data/netmate-0.2.0/layer3.h:853:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer3.h:862:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Version: %u", ipv4->version);
data/netmate-0.2.0/layer3.h:866:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "IHL: %u (%u bytes)", ipv4->ihl, ipv4->ihl*4);
data/netmate-0.2.0/layer3.h:871:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "DSCP: 0x%02x", ipv4_dscp);
data/netmate-0.2.0/layer3.h:876:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "ECN:\n0x%02x", ipv4_ecn);
data/netmate-0.2.0/layer3.h:880:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Total Length: %u", htons(ipv4->tot_len));
data/netmate-0.2.0/layer3.h:884:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Identification: 0x%04x", htons(ipv4->id));
data/netmate-0.2.0/layer3.h:910:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Fragment Offset: %u (%u bytes)", ipv4_offset, ipv4_offset << 3);
data/netmate-0.2.0/layer3.h:914:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Time To Live: %u", ipv4->ttl);
data/netmate-0.2.0/layer3.h:922:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Header checksum: 0x%04x", htons(ipv4->check));
data/netmate-0.2.0/layer3.h:926:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Source IP Address: %u.%u.%u.%u", ipv4->saddr & 0xff, (ipv4->saddr >> 8) & 0xff, (ipv4->saddr >> 16) & 0xff, (ipv4->saddr >> 24) & 0xff);
data/netmate-0.2.0/layer3.h:930:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination IP Address: %u.%u.%u.%u", ipv4->daddr & 0xff, (ipv4->daddr >> 8) & 0xff, (ipv4->daddr >> 16) & 0xff, (ipv4->daddr >> 24) & 0xff);
data/netmate-0.2.0/layer3.h:961:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Length: %u", optlen);
data/netmate-0.2.0/layer3.h:968:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen-2; ++i) sprintf(&optdata[i*2], "%02x", (unsigned int)options[i+2]);
data/netmate-0.2.0/layer3.h:1021:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer3.h:1031:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Version: %u", ipv6_version);
data/netmate-0.2.0/layer3.h:1036:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Traffic Class: 0x%02x", ipv6_tc);
data/netmate-0.2.0/layer3.h:1041:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Flow Label: 0x%06x", ipv6_fl);
data/netmate-0.2.0/layer3.h:1045:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Payload Length: %u", htons(ipv6->ip6_ctlun.ip6_un1.ip6_un1_plen));
data/netmate-0.2.0/layer3.h:1054:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Hop Limit: %u", ipv6->ip6_ctlun.ip6_un1.ip6_un1_hlim);
data/netmate-0.2.0/layer3.h:1058:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Source Address: %04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", htons(ipv6->ip6_src.__in6_u.__u6_addr16[0]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[1]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[2]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[3]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[4]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[5]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[6]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[7]));
data/netmate-0.2.0/layer3.h:1062:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination Address: %04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", htons(ipv6->ip6_dst.__in6_u.__u6_addr16[0]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[1]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[2]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[3]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[4]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[5]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[6]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[7]));
data/netmate-0.2.0/layer3.h:1073:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Length: %u (%u bytes)", hoplen, hoplen*8);
data/netmate-0.2.0/layer3.h:1084:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Length: %u", optlen);
data/netmate-0.2.0/layer3.h:1090:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen; ++i) sprintf(&optdata[i*2], "%02x", (unsigned int)options[i+2]);
data/netmate-0.2.0/layer3.h:1131:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer3.h:1148:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Hardware Length: %u", arp->ar_hln);
data/netmate-0.2.0/layer3.h:1152:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Protocol Length: %u", arp->ar_pln);
data/netmate-0.2.0/layer3.h:1160:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sender Hardware Address: %02x:%02x:%02x:%02x:%02x:%02x", options[0], options[1], options[2], options[3], options[4], options[5]);
data/netmate-0.2.0/layer3.h:1165:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sender Protocol Address: %u.%u.%u.%u", options[0], options[1], options[2], options[3]);
data/netmate-0.2.0/layer3.h:1170:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Target Hardware Address: %02x:%02x:%02x:%02x:%02x:%02x", options[0], options[1], options[2], options[3], options[4], options[5]);
data/netmate-0.2.0/layer3.h:1175:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Target Protocol Address: %u.%u.%u.%u", options[0], options[1], options[2], options[3]);
data/netmate-0.2.0/layer3.h:1208:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer3.h:1225:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Checksum: 0x%04x", htons(icmp->checksum));
data/netmate-0.2.0/layer3.h:1233:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Identifier: 0x%04x", htons(icmp->un.echo.id));
data/netmate-0.2.0/layer3.h:1236:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sequence Number: 0x%04x", htons(icmp->un.echo.sequence));
data/netmate-0.2.0/layer3.h:1245:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Unused: 0x%08x", htonl(icmp->un.gateway));
data/netmate-0.2.0/layer3.h:1253:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Gateway Internet Address: %u.%u.%u.%u", icmp->un.gateway & 0xff, (icmp->un.gateway >> 8) & 0xff, (icmp->un.gateway >> 16) & 0xff, (icmp->un.gateway >> 24) & 0xff);
data/netmate-0.2.0/layer3.h:1259:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Pointer: 0x%02x", htonl(icmp->un.gateway & 0x000000ff));
data/netmate-0.2.0/layer3.h:1262:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Unused: 0x%06x", htonl(icmp->un.gateway & 0xffffff00));
data/netmate-0.2.0/layer3.h:1272:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Identifier: 0x%04x", htons(icmp->un.echo.id));
data/netmate-0.2.0/layer3.h:1275:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sequence Number: 0x%04x", htons(icmp->un.echo.sequence));
data/netmate-0.2.0/layer3.h:1287:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Identifier: 0x%04x", htons(icmp->un.echo.id));
data/netmate-0.2.0/layer3.h:1290:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sequence Number: 0x%04x", htons(icmp->un.echo.sequence));
data/netmate-0.2.0/layer3.h:1299:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Unused: 0x%08x", htonl(icmp->un.gateway));
data/netmate-0.2.0/layer3.h:1313:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen; ++i) sprintf(&optdata[i*2], "%02x", (unsigned int)options[i]);
data/netmate-0.2.0/layer3.h:1359:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer3.h:1376:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Checksum: 0x%04x", htons(icmpv6->icmp6_cksum));
data/netmate-0.2.0/layer3.h:1383:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1384:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%08x", htonl(ifield));
data/netmate-0.2.0/layer3.h:1391:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Cur Hop Limit: %u", options[0]);
data/netmate-0.2.0/layer3.h:1410:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%02x", options[0] & 0x3F);
data/netmate-0.2.0/layer3.h:1415:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sfield, options, 2);
data/netmate-0.2.0/layer3.h:1416:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Router Lifetime: %u", htons(sfield));
data/netmate-0.2.0/layer3.h:1421:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1422:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reachable Time: %u", htonl(ifield));
data/netmate-0.2.0/layer3.h:1427:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1428:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Retrans Timer: %u", htonl(ifield));
data/netmate-0.2.0/layer3.h:1435:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1436:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%08x", htonl(ifield));
data/netmate-0.2.0/layer3.h:1441:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Target Address: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x", options[0], options[1], options[2], options[3], options[4], options[5], options[6], options[7], options[8], options[9], options[10], options[11], options[12], options[13], options[14], options[15]);
data/netmate-0.2.0/layer3.h:1448:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1472:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%08x", ifield & 0x1FFFFFFF);
data/netmate-0.2.0/layer3.h:1477:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Target Address: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x", options[0], options[1], options[2], options[3], options[4], options[5], options[6], options[7], options[8], options[9], options[10], options[11], options[12], options[13], options[14], options[15]);
data/netmate-0.2.0/layer3.h:1484:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options, 4);
data/netmate-0.2.0/layer3.h:1485:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%08x", htonl(ifield));
data/netmate-0.2.0/layer3.h:1490:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Target Address: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x", options[0], options[1], options[2], options[3], options[4], options[5], options[6], options[7], options[8], options[9], options[10], options[11], options[12], options[13], options[14], options[15]);
data/netmate-0.2.0/layer3.h:1495:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination Address: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x", options[0], options[1], options[2], options[3], options[4], options[5], options[6], options[7], options[8], options[9], options[10], options[11], options[12], options[13], options[14], options[15]);
data/netmate-0.2.0/layer3.h:1511:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Length: %u (%u bytes)", options[1], optlen);
data/netmate-0.2.0/layer3.h:1518:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen-2; ++i) sprintf(&optdata[i*3], "%02x:", (unsigned int)options[i+2]);
data/netmate-0.2.0/layer3.h:1526:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen-2; ++i) sprintf(&optdata[i*3], "%02x:", (unsigned int)options[i+2]);
data/netmate-0.2.0/layer3.h:1534:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Prefix Length: %u", options[3]);
data/netmate-0.2.0/layer3.h:1551:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%02x", options[4] & 0x3F);
data/netmate-0.2.0/layer3.h:1554:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options+4, 4);
data/netmate-0.2.0/layer3.h:1555:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Valid Lifetime: 0x%08x (%u)", htonl(ifield), htonl(ifield));
data/netmate-0.2.0/layer3.h:1558:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options+8, 4);
data/netmate-0.2.0/layer3.h:1559:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Preferred Lifetime: 0x%08x (%u)", htonl(ifield), htonl(ifield));
data/netmate-0.2.0/layer3.h:1562:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options+12, 4);
data/netmate-0.2.0/layer3.h:1563:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%08x", htonl(ifield));
data/netmate-0.2.0/layer3.h:1566:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Prefix: %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x", options[16], options[17], options[18], options[19], options[20], options[21], options[22], options[23], options[24], options[25], options[26], options[27], options[28], options[29], options[30], options[31]);
data/netmate-0.2.0/layer3.h:1571:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%02x%02x%02x%02x%02x%02x", options[2], options[3], options[4], options[5], options[6], options[7]);
data/netmate-0.2.0/layer3.h:1574:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen-8; ++i) sprintf(&optdata[i*2], "%02x", (unsigned int)options[i+8]);
data/netmate-0.2.0/layer3.h:1582:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sfield, options+2, 2);
data/netmate-0.2.0/layer3.h:1583:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Reserved: 0x%04x", htons(sfield));
data/netmate-0.2.0/layer3.h:1586:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifield, options+4, 4);
data/netmate-0.2.0/layer3.h:1587:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "MTU: %u", htonl(ifield));
data/netmate-0.2.0/layer4.h:75:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer4.h:84:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Source Port: %u", htons(tcp->source));
data/netmate-0.2.0/layer4.h:88:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination Port: %u", htons(tcp->dest));
data/netmate-0.2.0/layer4.h:92:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Sequence Number: %u", htonl(tcp->seq));
data/netmate-0.2.0/layer4.h:96:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Acknowledgement Number: %u", htonl(tcp->ack_seq));
data/netmate-0.2.0/layer4.h:100:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Data Offset: %u (%u bytes)", tcp->doff, tcp->doff*4);
data/netmate-0.2.0/layer4.h:184:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Window Size: %u", htons(tcp->window));
data/netmate-0.2.0/layer4.h:188:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Checksum: 0x%04x", htons(tcp->check));
data/netmate-0.2.0/layer4.h:192:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Urgent Pointer: %u", htons(tcp->urg_ptr));
data/netmate-0.2.0/layer4.h:216:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Option Length: %u", optlen);
data/netmate-0.2.0/layer4.h:226:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
for (i=0; i<optlen-2; ++i) sprintf(&optdata[i*2], "%02x", (unsigned int)options[i+2]);
data/netmate-0.2.0/layer4.h:271:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "%u", x);
data/netmate-0.2.0/layer4.h:280:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Source Port: %u", htons(udp->source));
data/netmate-0.2.0/layer4.h:284:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Destination Port: %u", htons(udp->dest));
data/netmate-0.2.0/layer4.h:288:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Length: %u", htons(udp->len));
data/netmate-0.2.0/layer4.h:292:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "Checksum: 0x%02x", htons(udp->check));
data/netmate-0.2.0/netmate.c:227:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE]; /* pcap error buffer */
data/netmate-0.2.0/netmate.c:451:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*source, "%02x:%02x:%02x:%02x:%02x:%02x", eth->ether_shost[0], eth->ether_shost[1], eth->ether_shost[2], eth->ether_shost[3], eth->ether_shost[4], eth->ether_shost[5]);
data/netmate-0.2.0/netmate.c:452:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*destination, "%02x:%02x:%02x:%02x:%02x:%02x", eth->ether_dhost[0], eth->ether_dhost[1], eth->ether_dhost[2], eth->ether_dhost[3], eth->ether_dhost[4], eth->ether_dhost[5]);
data/netmate-0.2.0/netmate.c:463:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*source, "%02x:%02x:%02x:%02x:%02x:%02x", sll->sll_addr[0], sll->sll_addr[1], sll->sll_addr[2], sll->sll_addr[3], sll->sll_addr[4], sll->sll_addr[5]);
data/netmate-0.2.0/netmate.c:494:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*source, "%u.%u.%u.%u", ipv4->saddr & 0xff, (ipv4->saddr >> 8) & 0xff, (ipv4->saddr >> 16) & 0xff, (ipv4->saddr >> 24) & 0xff);
data/netmate-0.2.0/netmate.c:495:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*destination, "%u.%u.%u.%u", ipv4->daddr & 0xff, (ipv4->daddr >> 8) & 0xff, (ipv4->daddr >> 16) & 0xff, (ipv4->daddr >> 24) & 0xff);
data/netmate-0.2.0/netmate.c:498:44: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ipv4->frag_off & htons(IP_RF)) strcat(*flags, "RF ");
data/netmate-0.2.0/netmate.c:501:44: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ipv4->frag_off & htons(IP_DF)) strcat(*flags, "DF ");
data/netmate-0.2.0/netmate.c:504:44: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ipv4->frag_off & htons(IP_MF)) strcat(*flags, "MF ");
data/netmate-0.2.0/netmate.c:511:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*source, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", htons(ipv6->ip6_src.__in6_u.__u6_addr16[0]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[1]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[2]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[3]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[4]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[5]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[6]), htons(ipv6->ip6_src.__in6_u.__u6_addr16[7]));
data/netmate-0.2.0/netmate.c:512:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*destination, "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x", htons(ipv6->ip6_dst.__in6_u.__u6_addr16[0]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[1]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[2]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[3]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[4]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[5]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[6]), htons(ipv6->ip6_dst.__in6_u.__u6_addr16[7]));
data/netmate-0.2.0/netmate.c:544:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*sport, "%u", htons(tcp->source));
data/netmate-0.2.0/netmate.c:545:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*dport, "%u", htons(tcp->dest));
data/netmate-0.2.0/netmate.c:548:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->res1 & 0x01) strcat(*flags, "NS ");
data/netmate-0.2.0/netmate.c:551:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->res2 & 0x02) strcat(*flags, "CWR ");
data/netmate-0.2.0/netmate.c:554:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->res2 & 0x01) strcat(*flags, "ECE ");
data/netmate-0.2.0/netmate.c:557:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->urg) strcat(*flags, "URG ");
data/netmate-0.2.0/netmate.c:560:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->ack) strcat(*flags, "ACK ");
data/netmate-0.2.0/netmate.c:563:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->psh) strcat(*flags, "PSH ");
data/netmate-0.2.0/netmate.c:566:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->rst) strcat(*flags, "RST ");
data/netmate-0.2.0/netmate.c:569:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->syn) strcat(*flags, "SYN ");
data/netmate-0.2.0/netmate.c:572:23: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (tcp->fin) strcat(*flags, "FIN ");
data/netmate-0.2.0/netmate.c:578:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*sport, "%u", htons(udp->source));
data/netmate-0.2.0/netmate.c:579:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*dport, "%u", htons(udp->dest));
data/netmate-0.2.0/netmate.c:591:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE]; /* pcap error buffer */
data/netmate-0.2.0/netmate.c:651:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pcaptime, "%ld.%06ld", realtime, realutime);
data/netmate-0.2.0/win32.h:36:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __ar_sha[ETH_ALEN]; /* Sender hardware address. */
data/netmate-0.2.0/win32.h:37:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __ar_sip[4]; /* Sender IP address. */
data/netmate-0.2.0/win32.h:38:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __ar_tha[ETH_ALEN]; /* Target hardware address. */
data/netmate-0.2.0/win32.h:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __ar_tip[4]; /* Target IP address. */
ANALYSIS SUMMARY:
Hits = 175
Lines analyzed = 3466 in approximately 0.16 seconds (21029 lines/second)
Physical Source Lines of Code (SLOC) = 2524
Hits@level = [0] 0 [1] 0 [2] 138 [3] 0 [4] 37 [5] 0
Hits@level+ = [0+] 175 [1+] 175 [2+] 175 [3+] 37 [4+] 37 [5+] 0
Hits/KSLOC@level+ = [0+] 69.3344 [1+] 69.3344 [2+] 69.3344 [3+] 14.6593 [4+] 14.6593 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.