Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ofono-1.31/btio/btio.c
Examining data/ofono-1.31/btio/btio.h
Examining data/ofono-1.31/linux/gpio.h
Examining data/ofono-1.31/linux/gsmmux.h
Examining data/ofono-1.31/ell/queue.c
Examining data/ofono-1.31/ell/uintset.h
Examining data/ofono-1.31/ell/gpio.h
Examining data/ofono-1.31/ell/gpio.c
Examining data/ofono-1.31/ell/checksum.c
Examining data/ofono-1.31/ell/utf8.c
Examining data/ofono-1.31/ell/timeout.h
Examining data/ofono-1.31/ell/timeout.c
Examining data/ofono-1.31/ell/log.h
Examining data/ofono-1.31/ell/main.h
Examining data/ofono-1.31/ell/util.h
Examining data/ofono-1.31/ell/private.h
Examining data/ofono-1.31/ell/strv.c
Examining data/ofono-1.31/ell/idle.c
Examining data/ofono-1.31/ell/idle.h
Examining data/ofono-1.31/ell/file.c
Examining data/ofono-1.31/ell/test.c
Examining data/ofono-1.31/ell/checksum.h
Examining data/ofono-1.31/ell/file.h
Examining data/ofono-1.31/ell/io.c
Examining data/ofono-1.31/ell/uuid.c
Examining data/ofono-1.31/ell/test.h
Examining data/ofono-1.31/ell/string.c
Examining data/ofono-1.31/ell/main.c
Examining data/ofono-1.31/ell/util.c
Examining data/ofono-1.31/ell/uintset.c
Examining data/ofono-1.31/ell/random.c
Examining data/ofono-1.31/ell/utf8.h
Examining data/ofono-1.31/ell/strv.h
Examining data/ofono-1.31/ell/io.h
Examining data/ofono-1.31/ell/uuid.h
Examining data/ofono-1.31/ell/queue.h
Examining data/ofono-1.31/ell/signal.c
Examining data/ofono-1.31/ell/string.h
Examining data/ofono-1.31/ell/signal.h
Examining data/ofono-1.31/ell/random.h
Examining data/ofono-1.31/ell/missing.h
Examining data/ofono-1.31/ell/log.c
Examining data/ofono-1.31/src/cdma-netreg.c
Examining data/ofono-1.31/src/stkutil.c
Examining data/ofono-1.31/src/handsfree-audio.c
Examining data/ofono-1.31/src/dbus.c
Examining data/ofono-1.31/src/audio-settings.c
Examining data/ofono-1.31/src/location-reporting.c
Examining data/ofono-1.31/src/cdma-connman.c
Examining data/ofono-1.31/src/gnssagent.c
Examining data/ofono-1.31/src/radio-settings.c
Examining data/ofono-1.31/src/call-settings.c
Examining data/ofono-1.31/src/stkagent.h
Examining data/ofono-1.31/src/simutil.h
Examining data/ofono-1.31/src/stk.c
Examining data/ofono-1.31/src/cdma-provision.c
Examining data/ofono-1.31/src/phonebook.c
Examining data/ofono-1.31/src/history.c
Examining data/ofono-1.31/src/util.h
Examining data/ofono-1.31/src/stkutil.h
Examining data/ofono-1.31/src/stkagent.c
Examining data/ofono-1.31/src/message.c
Examining data/ofono-1.31/src/ctm.c
Examining data/ofono-1.31/src/call-meter.c
Examining data/ofono-1.31/src/call-forwarding.c
Examining data/ofono-1.31/src/private-network.c
Examining data/ofono-1.31/src/common.h
Examining data/ofono-1.31/src/cdma-smsutil.h
Examining data/ofono-1.31/src/message-waiting.c
Examining data/ofono-1.31/src/voicecall.c
Examining data/ofono-1.31/src/message.h
Examining data/ofono-1.31/src/storage.c
Examining data/ofono-1.31/src/call-volume.c
Examining data/ofono-1.31/src/lte.c
Examining data/ofono-1.31/src/simfs.h
Examining data/ofono-1.31/src/plugin.c
Examining data/ofono-1.31/src/siri.c
Examining data/ofono-1.31/src/simutil.c
Examining data/ofono-1.31/src/cbs.c
Examining data/ofono-1.31/src/simfs.c
Examining data/ofono-1.31/src/gnssagent.h
Examining data/ofono-1.31/src/ims.c
Examining data/ofono-1.31/src/sms.c
Examining data/ofono-1.31/src/storage.h
Examining data/ofono-1.31/src/netmonagent.h
Examining data/ofono-1.31/src/netmon.c
Examining data/ofono-1.31/src/sim-auth.c
Examining data/ofono-1.31/src/hfp.h
Examining data/ofono-1.31/src/main.c
Examining data/ofono-1.31/src/util.c
Examining data/ofono-1.31/src/handsfree.c
Examining data/ofono-1.31/src/sim.c
Examining data/ofono-1.31/src/nettime.c
Examining data/ofono-1.31/src/smsutil.c
Examining data/ofono-1.31/src/watch.c
Examining data/ofono-1.31/src/call-barring.c
Examining data/ofono-1.31/src/bluetooth.h
Examining data/ofono-1.31/src/emulator.c
Examining data/ofono-1.31/src/ofono.h
Examining data/ofono-1.31/src/netmonagent.c
Examining data/ofono-1.31/src/cdma-smsutil.c
Examining data/ofono-1.31/src/gprs.c
Examining data/ofono-1.31/src/common.c
Examining data/ofono-1.31/src/manager.c
Examining data/ofono-1.31/src/cdma-voicecall.c
Examining data/ofono-1.31/src/smsagent.c
Examining data/ofono-1.31/src/smsutil.h
Examining data/ofono-1.31/src/modem.c
Examining data/ofono-1.31/src/ussd.c
Examining data/ofono-1.31/src/cdma-sms.c
Examining data/ofono-1.31/src/gprs-provision.c
Examining data/ofono-1.31/src/smsagent.h
Examining data/ofono-1.31/src/log.c
Examining data/ofono-1.31/src/gnss.c
Examining data/ofono-1.31/src/network.c
Examining data/ofono-1.31/drivers/hsomodem/hsomodem.c
Examining data/ofono-1.31/drivers/hsomodem/radio-settings.c
Examining data/ofono-1.31/drivers/hsomodem/hsomodem.h
Examining data/ofono-1.31/drivers/hsomodem/gprs-context.c
Examining data/ofono-1.31/drivers/mbimmodem/mbimmodem.h
Examining data/ofono-1.31/drivers/mbimmodem/mbim.h
Examining data/ofono-1.31/drivers/mbimmodem/util.h
Examining data/ofono-1.31/drivers/mbimmodem/mbim-desc.h
Examining data/ofono-1.31/drivers/mbimmodem/mbimmodem.c
Examining data/ofono-1.31/drivers/mbimmodem/mbim-private.h
Examining data/ofono-1.31/drivers/mbimmodem/devinfo.c
Examining data/ofono-1.31/drivers/mbimmodem/mbim-message.c
Examining data/ofono-1.31/drivers/mbimmodem/sms.c
Examining data/ofono-1.31/drivers/mbimmodem/gprs-context.c
Examining data/ofono-1.31/drivers/mbimmodem/mbim-message.h
Examining data/ofono-1.31/drivers/mbimmodem/network-registration.c
Examining data/ofono-1.31/drivers/mbimmodem/util.c
Examining data/ofono-1.31/drivers/mbimmodem/sim.c
Examining data/ofono-1.31/drivers/mbimmodem/mbim-desc.c
Examining data/ofono-1.31/drivers/mbimmodem/gprs.c
Examining data/ofono-1.31/drivers/mbimmodem/mbim.c
Examining data/ofono-1.31/drivers/mbmmodem/location-reporting.c
Examining data/ofono-1.31/drivers/mbmmodem/mbmmodem.c
Examining data/ofono-1.31/drivers/mbmmodem/stk.c
Examining data/ofono-1.31/drivers/mbmmodem/mbmmodem.h
Examining data/ofono-1.31/drivers/mbmmodem/gprs-context.c
Examining data/ofono-1.31/drivers/speedupmodem/speedupmodem.c
Examining data/ofono-1.31/drivers/speedupmodem/speedupmodem.h
Examining data/ofono-1.31/drivers/speedupmodem/ussd.c
Examining data/ofono-1.31/drivers/iceramodem/radio-settings.c
Examining data/ofono-1.31/drivers/iceramodem/iceramodem.h
Examining data/ofono-1.31/drivers/iceramodem/gprs-context.c
Examining data/ofono-1.31/drivers/iceramodem/iceramodem.c
Examining data/ofono-1.31/drivers/infineonmodem/infineon_constants.h
Examining data/ofono-1.31/drivers/atmodem/vendor.h
Examining data/ofono-1.31/drivers/atmodem/atutil.c
Examining data/ofono-1.31/drivers/atmodem/call-settings.c
Examining data/ofono-1.31/drivers/atmodem/stk.c
Examining data/ofono-1.31/drivers/atmodem/phonebook.c
Examining data/ofono-1.31/drivers/atmodem/call-meter.c
Examining data/ofono-1.31/drivers/atmodem/call-forwarding.c
Examining data/ofono-1.31/drivers/atmodem/voicecall.c
Examining data/ofono-1.31/drivers/atmodem/call-volume.c
Examining data/ofono-1.31/drivers/atmodem/stk.h
Examining data/ofono-1.31/drivers/atmodem/lte.c
Examining data/ofono-1.31/drivers/atmodem/atmodem.c
Examining data/ofono-1.31/drivers/atmodem/devinfo.c
Examining data/ofono-1.31/drivers/atmodem/cbs.c
Examining data/ofono-1.31/drivers/atmodem/sms.c
Examining data/ofono-1.31/drivers/atmodem/gprs-context.c
Examining data/ofono-1.31/drivers/atmodem/atutil.h
Examining data/ofono-1.31/drivers/atmodem/network-registration.c
Examining data/ofono-1.31/drivers/atmodem/network-registration.h
Examining data/ofono-1.31/drivers/atmodem/sim.c
Examining data/ofono-1.31/drivers/atmodem/call-barring.c
Examining data/ofono-1.31/drivers/atmodem/gprs.c
Examining data/ofono-1.31/drivers/atmodem/ussd.c
Examining data/ofono-1.31/drivers/atmodem/atmodem.h
Examining data/ofono-1.31/drivers/atmodem/gnss.c
Examining data/ofono-1.31/drivers/ubloxmodem/ubloxmodem.h
Examining data/ofono-1.31/drivers/ubloxmodem/ubloxmodem.c
Examining data/ofono-1.31/drivers/ubloxmodem/lte.c
Examining data/ofono-1.31/drivers/ubloxmodem/gprs-context.c
Examining data/ofono-1.31/drivers/ubloxmodem/netmon.c
Examining data/ofono-1.31/drivers/ubloxmodem/network-registration.c
Examining data/ofono-1.31/drivers/stemodem/radio-settings.c
Examining data/ofono-1.31/drivers/stemodem/caif_rtnl.h
Examining data/ofono-1.31/drivers/stemodem/voicecall.c
Examining data/ofono-1.31/drivers/stemodem/gprs-context.c
Examining data/ofono-1.31/drivers/stemodem/stemodem.h
Examining data/ofono-1.31/drivers/stemodem/stemodem.c
Examining data/ofono-1.31/drivers/stemodem/caif_rtnl.c
Examining data/ofono-1.31/drivers/stemodem/if_caif.h
Examining data/ofono-1.31/drivers/stemodem/caif_socket.h
Examining data/ofono-1.31/drivers/telitmodem/telitmodem.c
Examining data/ofono-1.31/drivers/telitmodem/telitmodem.h
Examining data/ofono-1.31/drivers/telitmodem/location-reporting.c
Examining data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c
Examining data/ofono-1.31/drivers/calypsomodem/calypsomodem.c
Examining data/ofono-1.31/drivers/calypsomodem/stk.c
Examining data/ofono-1.31/drivers/calypsomodem/voicecall.c
Examining data/ofono-1.31/drivers/calypsomodem/calypsomodem.h
Examining data/ofono-1.31/drivers/rilmodem/vendor.h
Examining data/ofono-1.31/drivers/rilmodem/radio-settings.c
Examining data/ofono-1.31/drivers/rilmodem/call-settings.c
Examining data/ofono-1.31/drivers/rilmodem/rilmodem.c
Examining data/ofono-1.31/drivers/rilmodem/stk.c
Examining data/ofono-1.31/drivers/rilmodem/call-forwarding.c
Examining data/ofono-1.31/drivers/rilmodem/voicecall.c
Examining data/ofono-1.31/drivers/rilmodem/call-volume.c
Examining data/ofono-1.31/drivers/rilmodem/lte.c
Examining data/ofono-1.31/drivers/rilmodem/rilutil.h
Examining data/ofono-1.31/drivers/rilmodem/devinfo.c
Examining data/ofono-1.31/drivers/rilmodem/cbs.c
Examining data/ofono-1.31/drivers/rilmodem/rilutil.c
Examining data/ofono-1.31/drivers/rilmodem/sms.c
Examining data/ofono-1.31/drivers/rilmodem/gprs-context.c
Examining data/ofono-1.31/drivers/rilmodem/netmon.c
Examining data/ofono-1.31/drivers/rilmodem/network-registration.c
Examining data/ofono-1.31/drivers/rilmodem/sim.c
Examining data/ofono-1.31/drivers/rilmodem/call-barring.c
Examining data/ofono-1.31/drivers/rilmodem/voicecall.h
Examining data/ofono-1.31/drivers/rilmodem/rilmodem.h
Examining data/ofono-1.31/drivers/rilmodem/gprs.c
Examining data/ofono-1.31/drivers/rilmodem/ussd.c
Examining data/ofono-1.31/drivers/swmodem/gprs-context.c
Examining data/ofono-1.31/drivers/swmodem/swmodem.c
Examining data/ofono-1.31/drivers/swmodem/swmodem.h
Examining data/ofono-1.31/drivers/cdmamodem/connman.c
Examining data/ofono-1.31/drivers/cdmamodem/voicecall.c
Examining data/ofono-1.31/drivers/cdmamodem/cdmamodem.c
Examining data/ofono-1.31/drivers/cdmamodem/devinfo.c
Examining data/ofono-1.31/drivers/cdmamodem/cdmamodem.h
Examining data/ofono-1.31/drivers/nwmodem/radio-settings.c
Examining data/ofono-1.31/drivers/nwmodem/nwmodem.c
Examining data/ofono-1.31/drivers/nwmodem/nwmodem.h
Examining data/ofono-1.31/drivers/ztemodem/ztemodem.h
Examining data/ofono-1.31/drivers/ztemodem/radio-settings.c
Examining data/ofono-1.31/drivers/ztemodem/ztemodem.c
Examining data/ofono-1.31/drivers/qmimodem/qmi.h
Examining data/ofono-1.31/drivers/qmimodem/location-reporting.c
Examining data/ofono-1.31/drivers/qmimodem/radio-settings.c
Examining data/ofono-1.31/drivers/qmimodem/wda.h
Examining data/ofono-1.31/drivers/qmimodem/nas.c
Examining data/ofono-1.31/drivers/qmimodem/qmimodem.h
Examining data/ofono-1.31/drivers/qmimodem/util.h
Examining data/ofono-1.31/drivers/qmimodem/common.h
Examining data/ofono-1.31/drivers/qmimodem/dms.h
Examining data/ofono-1.31/drivers/qmimodem/voicecall.c
Examining data/ofono-1.31/drivers/qmimodem/lte.c
Examining data/ofono-1.31/drivers/qmimodem/qmi.c
Examining data/ofono-1.31/drivers/qmimodem/devinfo.c
Examining data/ofono-1.31/drivers/qmimodem/sms.c
Examining data/ofono-1.31/drivers/qmimodem/gprs-context.c
Examining data/ofono-1.31/drivers/qmimodem/voice.h
Examining data/ofono-1.31/drivers/qmimodem/netmon.c
Examining data/ofono-1.31/drivers/qmimodem/network-registration.c
Examining data/ofono-1.31/drivers/qmimodem/nas.h
Examining data/ofono-1.31/drivers/qmimodem/qmimodem.c
Examining data/ofono-1.31/drivers/qmimodem/sim.c
Examining data/ofono-1.31/drivers/qmimodem/uim.h
Examining data/ofono-1.31/drivers/qmimodem/wds.h
Examining data/ofono-1.31/drivers/qmimodem/gprs.c
Examining data/ofono-1.31/drivers/qmimodem/wms.h
Examining data/ofono-1.31/drivers/qmimodem/ussd.c
Examining data/ofono-1.31/drivers/qmimodem/ctl.h
Examining data/ofono-1.31/drivers/qmimodem/pds.h
Examining data/ofono-1.31/drivers/qmimodem/sim-legacy.c
Examining data/ofono-1.31/drivers/isimodem/mtc.h
Examining data/ofono-1.31/drivers/isimodem/audio-settings.c
Examining data/ofono-1.31/drivers/isimodem/radio-settings.c
Examining data/ofono-1.31/drivers/isimodem/info.h
Examining data/ofono-1.31/drivers/isimodem/network.h
Examining data/ofono-1.31/drivers/isimodem/debug.c
Examining data/ofono-1.31/drivers/isimodem/sim.h
Examining data/ofono-1.31/drivers/isimodem/call-settings.c
Examining data/ofono-1.31/drivers/isimodem/infoserver.c
Examining data/ofono-1.31/drivers/isimodem/uicc.h
Examining data/ofono-1.31/drivers/isimodem/phonebook.c
Examining data/ofono-1.31/drivers/isimodem/call.h
Examining data/ofono-1.31/drivers/isimodem/call-meter.c
Examining data/ofono-1.31/drivers/isimodem/call-forwarding.c
Examining data/ofono-1.31/drivers/isimodem/voicecall.c
Examining data/ofono-1.31/drivers/isimodem/devinfo.c
Examining data/ofono-1.31/drivers/isimodem/cbs.c
Examining data/ofono-1.31/drivers/isimodem/sms.c
Examining data/ofono-1.31/drivers/isimodem/gprs-context.c
Examining data/ofono-1.31/drivers/isimodem/isiutil.h
Examining data/ofono-1.31/drivers/isimodem/infoserver.h
Examining data/ofono-1.31/drivers/isimodem/uicc-util.c
Examining data/ofono-1.31/drivers/isimodem/network-registration.c
Examining data/ofono-1.31/drivers/isimodem/isimodem.c
Examining data/ofono-1.31/drivers/isimodem/isimodem.h
Examining data/ofono-1.31/drivers/isimodem/sms.h
Examining data/ofono-1.31/drivers/isimodem/sim.c
Examining data/ofono-1.31/drivers/isimodem/call-barring.c
Examining data/ofono-1.31/drivers/isimodem/uicc.c
Examining data/ofono-1.31/drivers/isimodem/gprs.c
Examining data/ofono-1.31/drivers/isimodem/uicc-util.h
Examining data/ofono-1.31/drivers/isimodem/ss.h
Examining data/ofono-1.31/drivers/isimodem/ussd.c
Examining data/ofono-1.31/drivers/isimodem/gpds.h
Examining data/ofono-1.31/drivers/isimodem/debug.h
Examining data/ofono-1.31/drivers/isimodem/gss.h
Examining data/ofono-1.31/drivers/xmm7modem/radio-settings.c
Examining data/ofono-1.31/drivers/xmm7modem/ims.c
Examining data/ofono-1.31/drivers/xmm7modem/netmon.c
Examining data/ofono-1.31/drivers/xmm7modem/xmm7modem.h
Examining data/ofono-1.31/drivers/xmm7modem/xmm7modem.c
Examining data/ofono-1.31/drivers/gemaltomodem/gemaltomodem.c
Examining data/ofono-1.31/drivers/gemaltomodem/location-reporting.c
Examining data/ofono-1.31/drivers/gemaltomodem/voicecall.c
Examining data/ofono-1.31/drivers/gemaltomodem/gemaltomodem.h
Examining data/ofono-1.31/drivers/hfpmodem/hfpmodem.c
Examining data/ofono-1.31/drivers/hfpmodem/slc.c
Examining data/ofono-1.31/drivers/hfpmodem/voicecall.c
Examining data/ofono-1.31/drivers/hfpmodem/call-volume.c
Examining data/ofono-1.31/drivers/hfpmodem/siri.c
Examining data/ofono-1.31/drivers/hfpmodem/devinfo.c
Examining data/ofono-1.31/drivers/hfpmodem/slc.h
Examining data/ofono-1.31/drivers/hfpmodem/network-registration.c
Examining data/ofono-1.31/drivers/hfpmodem/handsfree.c
Examining data/ofono-1.31/drivers/hfpmodem/hfpmodem.h
Examining data/ofono-1.31/drivers/huaweimodem/cdma-netreg.c
Examining data/ofono-1.31/drivers/huaweimodem/audio-settings.c
Examining data/ofono-1.31/drivers/huaweimodem/radio-settings.c
Examining data/ofono-1.31/drivers/huaweimodem/huaweimodem.c
Examining data/ofono-1.31/drivers/huaweimodem/huaweimodem.h
Examining data/ofono-1.31/drivers/huaweimodem/voicecall.c
Examining data/ofono-1.31/drivers/huaweimodem/gprs-context.c
Examining data/ofono-1.31/drivers/huaweimodem/ussd.c
Examining data/ofono-1.31/drivers/dunmodem/dunmodem.h
Examining data/ofono-1.31/drivers/dunmodem/dunmodem.c
Examining data/ofono-1.31/drivers/dunmodem/network-registration.c
Examining data/ofono-1.31/drivers/dunmodem/gprs.c
Examining data/ofono-1.31/drivers/ifxmodem/ifxmodem.c
Examining data/ofono-1.31/drivers/ifxmodem/audio-settings.c
Examining data/ofono-1.31/drivers/ifxmodem/radio-settings.c
Examining data/ofono-1.31/drivers/ifxmodem/stk.c
Examining data/ofono-1.31/drivers/ifxmodem/ctm.c
Examining data/ofono-1.31/drivers/ifxmodem/voicecall.c
Examining data/ofono-1.31/drivers/ifxmodem/ifxmodem.h
Examining data/ofono-1.31/drivers/ifxmodem/gprs-context.c
Examining data/ofono-1.31/gatchat/gatresult.h
Examining data/ofono-1.31/gatchat/gathdlc.c
Examining data/ofono-1.31/gatchat/gatsyntax.c
Examining data/ofono-1.31/gatchat/gatrawip.h
Examining data/ofono-1.31/gatchat/gatresult.c
Examining data/ofono-1.31/gatchat/test-qcdm.c
Examining data/ofono-1.31/gatchat/ppp_lcp.c
Examining data/ofono-1.31/gatchat/ppp_cp.h
Examining data/ofono-1.31/gatchat/gatio.c
Examining data/ofono-1.31/gatchat/gatmux.c
Examining data/ofono-1.31/gatchat/ringbuffer.c
Examining data/ofono-1.31/gatchat/gatchat.h
Examining data/ofono-1.31/gatchat/gatutil.h
Examining data/ofono-1.31/gatchat/gatsyntax.h
Examining data/ofono-1.31/gatchat/gsmdial.c
Examining data/ofono-1.31/gatchat/gatrawip.c
Examining data/ofono-1.31/gatchat/ppp_auth.c
Examining data/ofono-1.31/gatchat/gatmux.h
Examining data/ofono-1.31/gatchat/crc-ccitt.h
Examining data/ofono-1.31/gatchat/ppp.h
Examining data/ofono-1.31/gatchat/ppp_net.c
Examining data/ofono-1.31/gatchat/crc-ccitt.c
Examining data/ofono-1.31/gatchat/ppp_ipcp.c
Examining data/ofono-1.31/gatchat/gatppp.h
Examining data/ofono-1.31/gatchat/gat.h
Examining data/ofono-1.31/gatchat/gsm0710.c
Examining data/ofono-1.31/gatchat/gatserver.h
Examining data/ofono-1.31/gatchat/test-server.c
Examining data/ofono-1.31/gatchat/gsm0710.h
Examining data/ofono-1.31/gatchat/gattty.c
Examining data/ofono-1.31/gatchat/gattty.h
Examining data/ofono-1.31/gatchat/ppp_cp.c
Examining data/ofono-1.31/gatchat/gatchat.c
Examining data/ofono-1.31/gatchat/gatppp.c
Examining data/ofono-1.31/gatchat/gathdlc.h
Examining data/ofono-1.31/gatchat/gatserver.c
Examining data/ofono-1.31/gatchat/gatio.h
Examining data/ofono-1.31/gatchat/ringbuffer.h
Examining data/ofono-1.31/gatchat/gatutil.c
Examining data/ofono-1.31/gatchat/ppp_ipv6cp.c
Examining data/ofono-1.31/dundee/dbus.c
Examining data/ofono-1.31/dundee/bluez5.c
Examining data/ofono-1.31/dundee/device.c
Examining data/ofono-1.31/dundee/main.c
Examining data/ofono-1.31/dundee/bluez4.c
Examining data/ofono-1.31/dundee/manager.c
Examining data/ofono-1.31/dundee/dundee.h
Examining data/ofono-1.31/gdbus/polkit.c
Examining data/ofono-1.31/gdbus/gdbus.h
Examining data/ofono-1.31/gdbus/object.c
Examining data/ofono-1.31/gdbus/mainloop.c
Examining data/ofono-1.31/gdbus/watch.c
Examining data/ofono-1.31/gdbus/client.c
Examining data/ofono-1.31/gisi/pipe.c
Examining data/ofono-1.31/gisi/netlink.c
Examining data/ofono-1.31/gisi/pep.h
Examining data/ofono-1.31/gisi/phonet.h
Examining data/ofono-1.31/gisi/message.c
Examining data/ofono-1.31/gisi/pep.c
Examining data/ofono-1.31/gisi/server.c
Examining data/ofono-1.31/gisi/common.h
Examining data/ofono-1.31/gisi/pipe.h
Examining data/ofono-1.31/gisi/message.h
Examining data/ofono-1.31/gisi/modem.h
Examining data/ofono-1.31/gisi/netlink.h
Examining data/ofono-1.31/gisi/client.c
Examining data/ofono-1.31/gisi/socket.h
Examining data/ofono-1.31/gisi/server.h
Examining data/ofono-1.31/gisi/modem.c
Examining data/ofono-1.31/gisi/iter.h
Examining data/ofono-1.31/gisi/client.h
Examining data/ofono-1.31/gisi/socket.c
Examining data/ofono-1.31/gisi/iter.c
Examining data/ofono-1.31/plugins/gobi.c
Examining data/ofono-1.31/plugins/novatel.c
Examining data/ofono-1.31/plugins/zte.c
Examining data/ofono-1.31/plugins/push-notification.c
Examining data/ofono-1.31/plugins/connman.c
Examining data/ofono-1.31/plugins/stemgr.c
Examining data/ofono-1.31/plugins/bluez4.h
Examining data/ofono-1.31/plugins/udevng.c
Examining data/ofono-1.31/plugins/mbpi.h
Examining data/ofono-1.31/plugins/ublox.c
Examining data/ofono-1.31/plugins/hfp_ag_bluez4.c
Examining data/ofono-1.31/plugins/bluez5.c
Examining data/ofono-1.31/plugins/g1.c
Examining data/ofono-1.31/plugins/palmpre.c
Examining data/ofono-1.31/plugins/bluez5.h
Examining data/ofono-1.31/plugins/cdma-provision.c
Examining data/ofono-1.31/plugins/provision.c
Examining data/ofono-1.31/plugins/quectel.c
Examining data/ofono-1.31/plugins/mbpi.c
Examining data/ofono-1.31/plugins/nokia-gpio.h
Examining data/ofono-1.31/plugins/sim7100.c
Examining data/ofono-1.31/plugins/dun_gw_bluez5.c
Examining data/ofono-1.31/plugins/alcatel.c
Examining data/ofono-1.31/plugins/gemalto.c
Examining data/ofono-1.31/plugins/smart-messaging.c
Examining data/ofono-1.31/plugins/hso.c
Examining data/ofono-1.31/plugins/file-provision.c
Examining data/ofono-1.31/plugins/calypso.c
Examining data/ofono-1.31/plugins/upower.c
Examining data/ofono-1.31/plugins/speedup.c
Examining data/ofono-1.31/plugins/ril_intel.c
Examining data/ofono-1.31/plugins/sim900.c
Examining data/ofono-1.31/plugins/cinterion.c
Examining data/ofono-1.31/plugins/isiusb.c
Examining data/ofono-1.31/plugins/infineon.c
Examining data/ofono-1.31/plugins/ril.h
Examining data/ofono-1.31/plugins/sap.c
Examining data/ofono-1.31/plugins/speedupcdma.c
Examining data/ofono-1.31/plugins/ifx.c
Examining data/ofono-1.31/plugins/ste.c
Examining data/ofono-1.31/plugins/hfp_hf_bluez5.c
Examining data/ofono-1.31/plugins/hfp_hf_bluez4.c
Examining data/ofono-1.31/plugins/samsung.c
Examining data/ofono-1.31/plugins/caif.c
Examining data/ofono-1.31/plugins/dun_gw_bluez4.c
Examining data/ofono-1.31/plugins/ril.c
Examining data/ofono-1.31/plugins/telit.c
Examining data/ofono-1.31/plugins/emulator_fuzz.c
Examining data/ofono-1.31/plugins/n900.c
Examining data/ofono-1.31/plugins/nokiacdma.c
Examining data/ofono-1.31/plugins/u8500.c
Examining data/ofono-1.31/plugins/mbm.c
Examining data/ofono-1.31/plugins/sierra.c
Examining data/ofono-1.31/plugins/allowed-apns.c
Examining data/ofono-1.31/plugins/linktop.c
Examining data/ofono-1.31/plugins/icera.c
Examining data/ofono-1.31/plugins/nokia-gpio.c
Examining data/ofono-1.31/plugins/bluez4.c
Examining data/ofono-1.31/plugins/xmm7xxx.c
Examining data/ofono-1.31/plugins/wavecom.c
Examining data/ofono-1.31/plugins/stktest.c
Examining data/ofono-1.31/plugins/phonesim.c
Examining data/ofono-1.31/plugins/nokia.c
Examining data/ofono-1.31/plugins/hfp_ag_bluez5.c
Examining data/ofono-1.31/plugins/mbim.c
Examining data/ofono-1.31/plugins/rildev.c
Examining data/ofono-1.31/plugins/huawei.c
Examining data/ofono-1.31/gril/parcel.c
Examining data/ofono-1.31/gril/grilio.h
Examining data/ofono-1.31/gril/parcel.h
Examining data/ofono-1.31/gril/grilutil.h
Examining data/ofono-1.31/gril/ril_constants.h
Examining data/ofono-1.31/gril/grilio.c
Examining data/ofono-1.31/gril/gril.h
Examining data/ofono-1.31/gril/gfunc.h
Examining data/ofono-1.31/gril/gril.c
Examining data/ofono-1.31/gril/grilutil.c
Examining data/ofono-1.31/tools/lookup-apn.c
Examining data/ofono-1.31/tools/tty-redirector.c
Examining data/ofono-1.31/tools/lookup-provider-name.c
Examining data/ofono-1.31/tools/get-location.c
Examining data/ofono-1.31/tools/stktest.c
Examining data/ofono-1.31/tools/huawei-audio.c
Examining data/ofono-1.31/tools/auto-enable.c
Examining data/ofono-1.31/include/call-settings.h
Examining data/ofono-1.31/include/handsfree-audio.h
Examining data/ofono-1.31/include/dbus.h
Examining data/ofono-1.31/include/radio-settings.h
Examining data/ofono-1.31/include/siri.h
Examining data/ofono-1.31/include/gnss.h
Examining data/ofono-1.31/include/ims.h
Examining data/ofono-1.31/include/sim.h
Examining data/ofono-1.31/include/log.h
Examining data/ofono-1.31/include/plugin.h
Examining data/ofono-1.31/include/cdma-connman.h
Examining data/ofono-1.31/include/history.h
Examining data/ofono-1.31/include/sim-auth.h
Examining data/ofono-1.31/include/phonebook.h
Examining data/ofono-1.31/include/call-volume.h
Examining data/ofono-1.31/include/cdma-voicecall.h
Examining data/ofono-1.31/include/stk.h
Examining data/ofono-1.31/include/netreg.h
Examining data/ofono-1.31/include/modem.h
Examining data/ofono-1.31/include/ussd.h
Examining data/ofono-1.31/include/lte.h
Examining data/ofono-1.31/include/storage.h
Examining data/ofono-1.31/include/call-barring.h
Examining data/ofono-1.31/include/netmon.h
Examining data/ofono-1.31/include/cdma-netreg.h
Examining data/ofono-1.31/include/nettime.h
Examining data/ofono-1.31/include/cdma-sms.h
Examining data/ofono-1.31/include/location-reporting.h
Examining data/ofono-1.31/include/audio-settings.h
Examining data/ofono-1.31/include/call-meter.h
Examining data/ofono-1.31/include/sms.h
Examining data/ofono-1.31/include/cbs.h
Examining data/ofono-1.31/include/voicecall.h
Examining data/ofono-1.31/include/devinfo.h
Examining data/ofono-1.31/include/message-waiting.h
Examining data/ofono-1.31/include/handsfree.h
Examining data/ofono-1.31/include/call-forwarding.h
Examining data/ofono-1.31/include/cdma-provision.h
Examining data/ofono-1.31/include/gprs.h
Examining data/ofono-1.31/include/ctm.h
Examining data/ofono-1.31/include/gprs-context.h
Examining data/ofono-1.31/include/private-network.h
Examining data/ofono-1.31/include/types.h
Examining data/ofono-1.31/include/gprs-provision.h
Examining data/ofono-1.31/include/emulator.h
Examining data/ofono-1.31/examples/history.c
Examining data/ofono-1.31/examples/provision.c
Examining data/ofono-1.31/examples/private-network.c
Examining data/ofono-1.31/examples/nettime.c
Examining data/ofono-1.31/examples/emulator.c
Examining data/ofono-1.31/unit/test-common.c
Examining data/ofono-1.31/unit/test-mux.c
Examining data/ofono-1.31/unit/test-util.c
Examining data/ofono-1.31/unit/test-rilmodem-cs.c
Examining data/ofono-1.31/unit/rilmodem-test-engine.h
Examining data/ofono-1.31/unit/rilmodem-test-server.h
Examining data/ofono-1.31/unit/test-sms.c
Examining data/ofono-1.31/unit/rilmodem-test-engine.c
Examining data/ofono-1.31/unit/rilmodem-test-server.c
Examining data/ofono-1.31/unit/test-rilmodem-sms.c
Examining data/ofono-1.31/unit/test-sms-root.c
Examining data/ofono-1.31/unit/test-cdmasms.c
Examining data/ofono-1.31/unit/test-simutil.c
Examining data/ofono-1.31/unit/test-rilmodem-cb.c
Examining data/ofono-1.31/unit/stk-test-data.h
Examining data/ofono-1.31/unit/test-mbim.c
Examining data/ofono-1.31/unit/test-stkutil.c
Examining data/ofono-1.31/unit/test-rilmodem-gprs.c
Examining data/ofono-1.31/unit/test-caif.c
FINAL RESULTS:
data/ofono-1.31/drivers/qmimodem/qmi.c:1465:11: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
result = readlink(temp, file_name, size - 1);
data/ofono-1.31/drivers/atmodem/atutil.c:653:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(netmask, net);
data/ofono-1.31/drivers/atmodem/atutil.c:692:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(netmask, net);
data/ofono-1.31/drivers/atmodem/gnss.c:121:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(buf + len, "%s", xml);
data/ofono-1.31/drivers/atmodem/network-registration.c:944:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(time, "%02u/%02u/%02u,%02u:%02u:%02u%s", &year, &mon, &mday,
data/ofono-1.31/drivers/atmodem/network-registration.c:1169:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(time, "%u:%u:%u%s", &hour, &min, &sec, tz) != 4)
data/ofono-1.31/drivers/atmodem/network-registration.c:1827:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len += sprintf(buf + len, i == nd->signal_index ? "1," : "0,");
data/ofono-1.31/drivers/atmodem/network-registration.c:1829:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len += sprintf(buf + len, i == nd->signal_index ? "1" : "0");
data/ofono-1.31/drivers/atmodem/sim.c:108:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3];
data/ofono-1.31/drivers/atmodem/sim.c:142:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&str, access, NULL);
data/ofono-1.31/drivers/atmodem/sim.c:147:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&str, access, &file_status);
data/ofono-1.31/drivers/atmodem/sim.c:152:30: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
cb(&error, flen, str, rlen, access, file_status, cbd->data);
data/ofono-1.31/drivers/atmodem/sim.c:177:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3] = { 0x00, 0x00, 0x00 };
data/ofono-1.31/drivers/atmodem/sim.c:180:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CALLBACK_WITH_SUCCESS(cb, 4, 0, 0, access,
data/ofono-1.31/drivers/cdmamodem/connman.c:197:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cd->username, username);
data/ofono-1.31/drivers/cdmamodem/connman.c:198:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cd->password, password);
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:323:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), atcmd, acqorder);
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:388:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), atcmd, huawei_band);
data/ofono-1.31/drivers/iceramodem/gprs-context.c:278:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "AT%%IPDPCFG=%u,0,1,\"%s\",\"%s\"",
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:496:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "AT+XGAUTH=%u,1,\"%s\",\"%s\"",
data/ofono-1.31/drivers/isimodem/network-registration.c:426:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(op.name, nd->nitz_name);
data/ofono-1.31/drivers/isimodem/sim.c:78:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint8_t access[3];
data/ofono-1.31/drivers/isimodem/sim.c:125:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
fi->access, fi->file_status, cbd->data);
data/ofono-1.31/drivers/isimodem/sim.c:505:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) msg + 2, passwd);
data/ofono-1.31/drivers/isimodem/sim.c:540:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) &msg[2], puk);
data/ofono-1.31/drivers/isimodem/sim.c:541:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) &msg[2 + SEC_CODE_MAX_LENGTH + 1], passwd);
data/ofono-1.31/drivers/isimodem/sim.c:589:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) &req[3], passwd);
data/ofono-1.31/drivers/isimodem/sim.c:632:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) &msg[2], old);
data/ofono-1.31/drivers/isimodem/sim.c:633:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) &msg[2 + SEC_CODE_MAX_LENGTH + 1], new);
data/ofono-1.31/drivers/isimodem/uicc.c:77:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint8_t access[3];
data/ofono-1.31/drivers/isimodem/uicc.c:253:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint8_t access[3] = {0, 0, 0};
data/ofono-1.31/drivers/isimodem/uicc.c:284:3: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[0] = info->access[0];
data/ofono-1.31/drivers/isimodem/uicc.c:284:21: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[0] = info->access[0];
data/ofono-1.31/drivers/isimodem/uicc.c:285:3: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[1] = info->access[1];
data/ofono-1.31/drivers/isimodem/uicc.c:285:21: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[1] = info->access[1];
data/ofono-1.31/drivers/isimodem/uicc.c:286:3: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[2] = info->access[2];
data/ofono-1.31/drivers/isimodem/uicc.c:286:21: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[2] = info->access[2];
data/ofono-1.31/drivers/isimodem/uicc.c:324:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!g_isi_sb_iter_get_byte(&iter, &access[0], 16))
data/ofono-1.31/drivers/isimodem/uicc.c:327:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!g_isi_sb_iter_get_byte(&iter, &access[0], 17))
data/ofono-1.31/drivers/isimodem/uicc.c:330:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!g_isi_sb_iter_get_byte(&iter, &access[0], 18))
data/ofono-1.31/drivers/isimodem/uicc.c:358:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, file_status, cbd->data);
data/ofono-1.31/drivers/isimodem/voicecall.c:1021:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint8_t access;
data/ofono-1.31/drivers/isimodem/voicecall.c:1027:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!g_isi_sb_iter_get_byte(iter, &access, 3))
data/ofono-1.31/drivers/isimodem/voicecall.c:1034:35: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
DBG("CUG output access: 0x%02X", access);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1236:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(container->signature, signature);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1314:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(container->signature, signature);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1371:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(container->signature, signature);
data/ofono-1.31/drivers/qmimodem/qmi.c:511:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
str += sprintf(str, "%c %s", dir, service);
data/ofono-1.31/drivers/qmimodem/qmi.c:539:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
str += sprintf(str, "%s msg=%d len=%d", type,
data/ofono-1.31/drivers/qmimodem/qmi.c:571:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
str += sprintf(str, "%s msg=%d len=%d", type,
data/ofono-1.31/drivers/qmimodem/qmi.c:602:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
str += sprintf(str, " {type=%d,error=%s}",
data/ofono-1.31/drivers/qmimodem/qmi.c:639:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(strbuf, sizeof(strbuf), format, ap);
data/ofono-1.31/drivers/qmimodem/sim-legacy.c:49:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3] = { 0x0f, 0xff, 0xff };
data/ofono-1.31/drivers/qmimodem/sim-legacy.c:55:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CALLBACK_WITH_SUCCESS(cb, 10, 0, 0, access, 1, user_data);
data/ofono-1.31/drivers/qmimodem/sim.c:122:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3];
data/ofono-1.31/drivers/qmimodem/sim.c:140:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&flen, &rlen, &str, access, &file_status);
data/ofono-1.31/drivers/qmimodem/sim.c:144:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&flen, &rlen, &str, access,
data/ofono-1.31/drivers/qmimodem/sim.c:154:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
CALLBACK_WITH_SUCCESS(cb, flen, str, rlen, access,
data/ofono-1.31/drivers/rilmodem/lte.c:81:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", info->apn);
data/ofono-1.31/drivers/rilmodem/sim.c:157:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
guchar access[3] = { 0x00, 0x00, 0x00 };
data/ofono-1.31/drivers/rilmodem/sim.c:224:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, NULL);
data/ofono-1.31/drivers/rilmodem/sim.c:229:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, &file_status);
data/ofono-1.31/drivers/rilmodem/sim.c:237:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, file_status, cbd->data);
data/ofono-1.31/drivers/stemodem/voicecall.c:390:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "AT+VTS=%s", dtmf);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:282:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "AT#PDPAUTH=%u,%u,\"%s\",\"%s\"",
data/ofono-1.31/drivers/ubloxmodem/lte.c:105:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "AT+UAUTHREQ=%d,%d,\"%s\",\"%s\"",
data/ofono-1.31/ell/checksum.c:139:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) salg.salg_name, alg);
data/ofono-1.31/ell/checksum.c:444:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) salg.salg_name, info->name);
data/ofono-1.31/ell/log.c:145:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/ofono-1.31/ell/log.h:50:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)));
data/ofono-1.31/ell/string.c:252:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(dest->str + dest->len, have_space, format, args);
data/ofono-1.31/ell/string.c:256:9: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
len = vsprintf(dest->str + dest->len, format, args_copy);
data/ofono-1.31/ell/string.h:46:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 2, 3)));
data/ofono-1.31/ell/strv.h:41:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 2, 3)));
data/ofono-1.31/ell/util.h:279:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)));
data/ofono-1.31/ell/util.h:303:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 4)));
data/ofono-1.31/examples/private-network.c:77:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ip, "%s%d", PEER_ADDRESS_PREFIX, next_peer++);
data/ofono-1.31/gatchat/gatmux.c:114:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (vsnprintf(str, sizeof(str), format, ap) > 0)
data/ofono-1.31/gatchat/gatppp.c:597:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ppp->username, username);
data/ofono-1.31/gatchat/gatppp.c:600:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ppp->password, password);
data/ofono-1.31/gatchat/gatresult.c:76:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(iter->buf, line);
data/ofono-1.31/gatchat/gatserver.c:195:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buf, "%c%c%s%c%c", t, r, result, t, r);
data/ofono-1.31/gatchat/gatserver.c:197:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buf, "%s%c", result, t);
data/ofono-1.31/gatchat/gatserver.c:216:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", server_result_to_string(result));
data/ofono-1.31/gatchat/gatserver.c:272:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buf, "%c%c%s%c%c", t, r, line, t, r);
data/ofono-1.31/gatchat/gatserver.c:274:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buf, "%c%c%s", t, r, line);
data/ofono-1.31/gatchat/gatserver.c:350:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: (%d-%d)", prefix, min, max);
data/ofono-1.31/gatchat/gatserver.c:419:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: %d", prefix, tmp);
data/ofono-1.31/gatchat/gatserver.c:425:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: (%d-%d)", prefix, min, max);
data/ofono-1.31/gatchat/gsmdial.c:281:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(cmd);
data/ofono-1.31/gatchat/test-server.c:100:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(cmd);
data/ofono-1.31/gatchat/test-server.c:221:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "oFono pre-1.0 version: %s", VERSION);
data/ofono-1.31/gdbus/gdbus.h:239:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)));
data/ofono-1.31/gdbus/gdbus.h:246:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 4)));
data/ofono-1.31/gdbus/gdbus.h:259:29: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)));
data/ofono-1.31/gdbus/object.c:1416:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(str, sizeof(str), format, args);
data/ofono-1.31/gril/gril.h:98:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(print_buf, x); \
data/ofono-1.31/include/log.h:36:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)));
data/ofono-1.31/include/log.h:38:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)));
data/ofono-1.31/include/log.h:40:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)));
data/ofono-1.31/include/log.h:42:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)));
data/ofono-1.31/include/sim.h:87:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
const unsigned char access[3],
data/ofono-1.31/plugins/file-provision.c:65:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(setting_group, "operator:%s,%s", mcc, mnc);
data/ofono-1.31/plugins/ste.c:257:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifreq.ifr_name, interface);
data/ofono-1.31/plugins/udevng.c:997:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(descriptors, "%s/descriptors", modem->syspath);
data/ofono-1.31/src/cdma-connman.c:411:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cm->username, username);
data/ofono-1.31/src/cdma-connman.c:435:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cm->password, password);
data/ofono-1.31/src/common.c:445:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ph->number, str+1);
data/ofono-1.31/src/common.c:448:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ph->number, str);
data/ofono-1.31/src/common.c:467:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ph->number, str);
data/ofono-1.31/src/emulator.c:411:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "+CCWA: \"%s\",%d", phone, c->phone_number.type);
data/ofono-1.31/src/emulator.c:450:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "+CLIP: \"%s\",%d", phone, c->phone_number.type);
data/ofono-1.31/src/emulator.c:522:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(tmp, "%s%d",
data/ofono-1.31/src/emulator.c:554:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(tmp, "%s(\"%s\",(%d%c%d))",
data/ofono-1.31/src/emulator.c:1332:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "+CME ERROR: %s",
data/ofono-1.31/src/gprs.c:958:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->context.apn, apn);
data/ofono-1.31/src/gprs.c:989:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->context.username, username);
data/ofono-1.31/src/gprs.c:1019:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->context.password, password);
data/ofono-1.31/src/gprs.c:1105:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->name, name);
data/ofono-1.31/src/gprs.c:1133:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->message_proxy, proxy);
data/ofono-1.31/src/gprs.c:1162:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctx->message_center, center);
data/ofono-1.31/src/gprs.c:1385:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->name, name);
data/ofono-1.31/src/gprs.c:1442:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, ctx->path);
data/ofono-1.31/src/gprs.c:2055:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pri_ctx->context.apn, apn);
data/ofono-1.31/src/gprs.c:2409:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.username, ap->username);
data/ofono-1.31/src/gprs.c:2412:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.password, ap->password);
data/ofono-1.31/src/gprs.c:2416:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.apn, ap->apn);
data/ofono-1.31/src/gprs.c:2421:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->message_proxy, ap->message_proxy);
data/ofono-1.31/src/gprs.c:2424:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->message_center, ap->message_center);
data/ofono-1.31/src/gprs.c:3282:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.username, username);
data/ofono-1.31/src/gprs.c:3283:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.password, password);
data/ofono-1.31/src/gprs.c:3284:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->context.apn, apn);
data/ofono-1.31/src/gprs.c:3289:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->message_proxy, msgproxy);
data/ofono-1.31/src/gprs.c:3292:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context->message_center, msgcenter);
data/ofono-1.31/src/log.c:162:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("addr2line", "-C", "-f", "-e", program_exec, NULL);
data/ofono-1.31/src/lte.c:92:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lte->info.apn, apn);
data/ofono-1.31/src/lte.c:110:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lte->info.username, username);
data/ofono-1.31/src/lte.c:113:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lte->info.password, password);
data/ofono-1.31/src/network.c:2030:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "+COPS: %d,0,\"%s\"", netreg->mode, name);
data/ofono-1.31/src/phonebook.c:92:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/ofono-1.31/src/sim-auth.c:700:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
ret = sprintf(new->path, "%s/", path);
data/ofono-1.31/src/sim-auth.c:715:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
ret = sprintf(new->path, "%s/", path);
data/ofono-1.31/src/sim.c:3428:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "+CNUM: ,\"%s\",%d,,4", phone, ph->type);
data/ofono-1.31/src/simfs.c:623:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:637:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
update = file_access_condition_decode(access[0] & 0xf);
data/ofono-1.31/src/simfs.c:638:47: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
rehabilitate = file_access_condition_decode((access[2] >> 4) & 0xf);
data/ofono-1.31/src/simfs.c:639:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
invalidate = file_access_condition_decode(access[2] & 0xf);
data/ofono-1.31/src/simfs.c:680:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:693:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, file_status);
data/ofono-1.31/src/simfs.c:856:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:869:4: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, file_status);
data/ofono-1.31/src/simutil.c:1367:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int *structure, unsigned char *access,
data/ofono-1.31/src/simutil.c:1473:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/ofono-1.31/src/simutil.c:1474:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
memcpy(access, acc, 3);
data/ofono-1.31/src/simutil.c:1481:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int *structure, unsigned char *access,
data/ofono-1.31/src/simutil.c:1493:2: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[0] = response[8];
data/ofono-1.31/src/simutil.c:1494:2: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[1] = response[9];
data/ofono-1.31/src/simutil.c:1495:2: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access[2] = response[10];
data/ofono-1.31/src/simutil.h:501:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int *structure, unsigned char *access,
data/ofono-1.31/src/simutil.h:506:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int *structure, unsigned char *access,
data/ofono-1.31/src/smsutil.c:694:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out->address, utf8);
data/ofono-1.31/src/smsutil.c:1879:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(addr->address, str + 1);
data/ofono-1.31/src/smsutil.c:1882:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(addr->address, str);
data/ofono-1.31/src/smsutil.c:1894:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer + 1, addr->address);
data/ofono-1.31/src/smsutil.c:1896:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, addr->address);
data/ofono-1.31/src/smsutil.c:2428:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(dir->d_name, SMS_ADDR_FMT "-%hi-%hhi",
data/ofono-1.31/src/smsutil.c:2777:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(addr_dir->d_name, SMS_ADDR_FMT "-" SMS_MSGID_FMT "%c",
data/ofono-1.31/src/stkutil.c:2763:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(obj->gsm_sms.sc_addr.address, sc_address.number);
data/ofono-1.31/src/storage.h:29:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 4)));
data/ofono-1.31/src/storage.h:33:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)));
data/ofono-1.31/src/voicecall.c:970:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(call->phone_number.number, ph->number);
data/ofono-1.31/src/voicecall.c:1009:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(call->called_number.number, ph->number);
data/ofono-1.31/src/voicecall.c:3272:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "+CLCC: %d,%d,%d,0,%d,\"%s\",%d",
data/ofono-1.31/tools/stktest.c:171:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "+CUSATP: %s", to_hex(pdu, len));
data/ofono-1.31/tools/stktest.c:460:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "oFono pre-1.0 version: %s", VERSION);
data/ofono-1.31/unit/test-simutil.c:199:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3];
data/ofono-1.31/unit/test-simutil.c:262:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, &efid);
data/ofono-1.31/unit/test-simutil.c:267:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[0] == 0x01);
data/ofono-1.31/unit/test-simutil.c:268:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[1] == 0xff);
data/ofono-1.31/unit/test-simutil.c:269:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[2] == 0x44);
data/ofono-1.31/unit/test-simutil.c:333:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, &efid);
data/ofono-1.31/unit/test-simutil.c:338:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[0] == 0x11);
data/ofono-1.31/unit/test-simutil.c:339:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[1] == 0xff);
data/ofono-1.31/unit/test-simutil.c:340:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[2] == 0x44);
data/ofono-1.31/unit/test-simutil.c:413:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned char access[3];
data/ofono-1.31/unit/test-simutil.c:419:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, &efid);
data/ofono-1.31/unit/test-simutil.c:424:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[0] == 0x01);
data/ofono-1.31/unit/test-simutil.c:425:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[1] == 0xff);
data/ofono-1.31/unit/test-simutil.c:426:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[2] == 0x44);
data/ofono-1.31/unit/test-simutil.c:434:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access, &efid);
data/ofono-1.31/unit/test-simutil.c:439:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[0] == 0x11);
data/ofono-1.31/unit/test-simutil.c:440:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[1] == 0xff);
data/ofono-1.31/unit/test-simutil.c:441:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
g_assert(access[2] == 0x44);
data/ofono-1.31/unit/test-sms.c:1123:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sms->sc_addr.address, sc_addr+1);
data/ofono-1.31/unit/test-sms.c:1132:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sms->submit.daddr.address, da_addr+1);
data/ofono-1.31/drivers/atmodem/atutil.c:787:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/drivers/atmodem/gprs-context.c:156:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_PPP_DEBUG"))
data/ofono-1.31/drivers/cdmamodem/connman.c:147:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_PPP_DEBUG"))
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:103:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_IP_DEBUG"))
data/ofono-1.31/ell/main.c:368:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sock = getenv("NOTIFY_SOCKET");
data/ofono-1.31/ell/main.c:395:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
watchdog_usec = getenv("WATCHDOG_USEC");
data/ofono-1.31/ell/random.c:104:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return random() * RAND_MAX + random();
data/ofono-1.31/ell/random.c:104:38: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return random() * RAND_MAX + random();
data/ofono-1.31/gatchat/test-server.c:1137:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "ht:")) != EOF) {
data/ofono-1.31/plugins/calypso.c:266:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/calypso.c:279:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/calypso.c:330:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG") != NULL)
data/ofono-1.31/plugins/cinterion.c:123:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/g1.c:116:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/gemalto.c:420:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG")) {
data/ofono-1.31/plugins/gobi.c:338:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_QMI_DEBUG"))
data/ofono-1.31/plugins/hfp_hf_bluez4.c:153:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/hfp_hf_bluez5.c:168:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/ifx.c:283:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/ifx.c:438:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_MUX_DEBUG"))
data/ofono-1.31/plugins/ifx.c:570:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/isiusb.c:267:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_DEBUG"))
data/ofono-1.31/plugins/isiusb.c:270:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_TRACE"))
data/ofono-1.31/plugins/n900.c:355:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_DEBUG"))
data/ofono-1.31/plugins/n900.c:358:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_TRACE"))
data/ofono-1.31/plugins/nokiacdma.c:121:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/palmpre.c:130:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/phonesim.c:617:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/phonesim.c:632:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/phonesim.c:729:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/phonesim.c:999:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/phonesim.c:1144:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *conf_override = getenv("OFONO_PHONESIM_CONFIG");
data/ofono-1.31/plugins/quectel.c:859:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/quectel.c:878:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_MUX_DEBUG"))
data/ofono-1.31/plugins/ril.c:170:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
lte_cap = getenv("OFONO_RIL_RAT_LTE") ? TRUE : FALSE;
data/ofono-1.31/plugins/ril.c:366:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_RIL_TRACE"))
data/ofono-1.31/plugins/ril.c:369:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_RIL_HEX_TRACE"))
data/ofono-1.31/plugins/ril_intel.c:139:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
lte_cap = getenv("OFONO_RIL_RAT_LTE") ? TRUE : FALSE;
data/ofono-1.31/plugins/ril_intel.c:545:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_RIL_TRACE"))
data/ofono-1.31/plugins/ril_intel.c:548:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_RIL_HEX_TRACE"))
data/ofono-1.31/plugins/rildev.c:94:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ril_type = getenv("OFONO_RIL_DEVICE");
data/ofono-1.31/plugins/rildev.c:99:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
multi_sim = getenv("OFONO_RIL_NUM_SIM_SLOTS");
data/ofono-1.31/plugins/sim7100.c:144:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/sim900.c:204:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/sim900.c:227:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/sim900.c:271:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_MUX_DEBUG"))
data/ofono-1.31/plugins/ste.c:344:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/stktest.c:152:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/plugins/u8500.c:298:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_DEBUG"))
data/ofono-1.31/plugins/u8500.c:301:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_ISI_TRACE"))
data/ofono-1.31/src/stk.c:2362:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
l = getenv("LANG");
data/ofono-1.31/tools/stktest.c:603:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("OFONO_AT_DEBUG"))
data/ofono-1.31/btio/btio.c:806:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dev_class, info.dev_class, 3);
data/ofono-1.31/btio/btio.c:933:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(va_arg(args, uint8_t *), dev_class, 3);
data/ofono-1.31/btio/btio.c:977:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dev_class, info.dev_class, 3);
data/ofono-1.31/btio/btio.c:1057:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(va_arg(args, uint8_t *), dev_class, 3);
data/ofono-1.31/btio/btio.c:1084:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dev_class, info.dev_class, 3);
data/ofono-1.31/btio/btio.c:1140:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(va_arg(args, uint8_t *), dev_class, 3);
data/ofono-1.31/drivers/atmodem/atutil.c:651:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(address, addrnetmask, net - addrnetmask);
data/ofono-1.31/drivers/atmodem/atutil.c:690:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(address, addrnetmask, net - addrnetmask);
data/ofono-1.31/drivers/atmodem/call-barring.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-barring.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-barring.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-forwarding.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-forwarding.c:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/call-forwarding.c:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/call-forwarding.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/call-forwarding.c:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/call-meter.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-meter.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-meter.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currency_buf[64];
data/ofono-1.31/drivers/atmodem/call-meter.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-settings.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-settings.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-settings.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-volume.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/call-volume.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/cbs.c:56:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[88];
data/ofono-1.31/drivers/atmodem/cbs.c:101:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[88];
data/ofono-1.31/drivers/atmodem/gnss.c:120:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CPOS\r");
data/ofono-1.31/drivers/atmodem/gprs-context.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/atmodem/gprs-context.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/atmodem/gprs-context.c:85:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/atmodem/gprs-context.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/gprs-context.c:218:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ATD*99***%u#", gcd->active_context);
data/ofono-1.31/drivers/atmodem/gprs-context.c:220:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGDATA=\"PPP\",%u", gcd->active_context);
data/ofono-1.31/drivers/atmodem/gprs-context.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/atmodem/gprs-context.c:249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->username, ctx->username, sizeof(ctx->username));
data/ofono-1.31/drivers/atmodem/gprs-context.c:250:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->password, ctx->password, sizeof(ctx->password));
data/ofono-1.31/drivers/atmodem/gprs.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/lte.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32 + OFONO_GPRS_MAX_USERNAME_LENGTH +
data/ofono-1.31/drivers/atmodem/network-registration.c:627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/network-registration.c:920:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/atmodem/network-registration.c:930:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tz[4];
data/ofono-1.31/drivers/atmodem/network-registration.c:955:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/atmodem/network-registration.c:1146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tz[4];
data/ofono-1.31/drivers/atmodem/network-registration.c:1172:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/atmodem/network-registration.c:1173:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.dst = atoi(dst);
data/ofono-1.31/drivers/atmodem/network-registration.c:1283:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/atmodem/network-registration.c:1640:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "AT+CMER=");
data/ofono-1.31/drivers/atmodem/network-registration.c:1712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/network-registration.c:1763:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/atmodem/network-registration.c:1824:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CIND=");
data/ofono-1.31/drivers/atmodem/network-registration.h:4:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/drivers/atmodem/network-registration.h:5:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/drivers/atmodem/phonebook.c:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/phonebook.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/phonebook.c:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/phonebook.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/sim.c:90:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buf += sprintf(buf, "%02hhX", *path++);
data/ofono-1.31/drivers/atmodem/sim.c:108:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3];
data/ofono-1.31/drivers/atmodem/sim.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sim.c:177:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3] = { 0x00, 0x00, 0x00 };
data/ofono-1.31/drivers/atmodem/sim.c:203:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, ",0,0,255");
data/ofono-1.31/drivers/atmodem/sim.c:275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sim.c:375:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CRSM=%i,%i,%i,%i,%i,\"", cmd, fileid,p1, p2, p3);
data/ofono-1.31/drivers/atmodem/sim.c:378:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *value++);
data/ofono-1.31/drivers/atmodem/sim.c:1382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1547:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[43];
data/ofono-1.31/drivers/atmodem/sim.c:1690:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "AT+CCHO=\"");
data/ofono-1.31/drivers/atmodem/sim.c:1725:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[15];
data/ofono-1.31/drivers/atmodem/sim.c:1727:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd, "AT+CCHC=%d", session_id);
data/ofono-1.31/drivers/atmodem/sim.c:1788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sim.c:1813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sim.c:1842:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sim.c:1906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[(len * 2) + 19];
data/ofono-1.31/drivers/atmodem/sim.c:1908:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ret = sprintf(cmd, "AT+CGLA=%d,%d,\"", session_id, len * 2);
data/ofono-1.31/drivers/atmodem/sim.c:2060:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[43];
data/ofono-1.31/drivers/atmodem/sms.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/drivers/atmodem/sms.c:263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/atmodem/sms.c:332:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/atmodem/sms.c:366:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/drivers/atmodem/sms.c:414:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/drivers/atmodem/sms.c:480:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/drivers/atmodem/sms.c:536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:569:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:662:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/drivers/atmodem/sms.c:667:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/ofono-1.31/drivers/atmodem/sms.c:752:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:836:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int len = sprintf(buf, "AT+CNMI=");
data/ofono-1.31/drivers/atmodem/sms.c:912:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[164];
data/ofono-1.31/drivers/atmodem/sms.c:949:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:1036:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/sms.c:1278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/stk.c:90:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CUSATE=");
data/ofono-1.31/drivers/atmodem/stk.c:93:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/atmodem/stk.c:123:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CUSATT=");
data/ofono-1.31/drivers/atmodem/stk.c:126:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *value++);
data/ofono-1.31/drivers/atmodem/ussd.c:75:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[182 * 2]; /* 182 USSD chars * 2 (UCS2) */
data/ofono-1.31/drivers/atmodem/ussd.c:109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[160];
data/ofono-1.31/drivers/atmodem/ussd.c:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/drivers/atmodem/ussd.c:201:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unpacked_buf[182];
data/ofono-1.31/drivers/atmodem/ussd.c:213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coded_buf[321];
data/ofono-1.31/drivers/atmodem/voicecall.c:233:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nc->called_number, &oc->called_number,
data/ofono-1.31/drivers/atmodem/voicecall.c:401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/atmodem/voicecall.c:519:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/voicecall.c:544:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/atmodem/voicecall.c:575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/atmodem/voicecall.c:633:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=%c", dtmf[0]);
data/ofono-1.31/drivers/atmodem/voicecall.c:636:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=%c", dtmf[i]);
data/ofono-1.31/drivers/calypsomodem/stk.c:106:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT%%SATE=\"");
data/ofono-1.31/drivers/calypsomodem/stk.c:108:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/calypsomodem/stk.c:153:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT%%SATR=\"");
data/ofono-1.31/drivers/calypsomodem/stk.c:155:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/calypsomodem/voicecall.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/calypsomodem/voicecall.c:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/calypsomodem/voicecall.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/calypsomodem/voicecall.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/calypsomodem/voicecall.c:204:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=%c", dtmf[0]);
data/ofono-1.31/drivers/calypsomodem/voicecall.c:207:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=%c", dtmf[i]);
data/ofono-1.31/drivers/cdmamodem/connman.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_CDMA_CONNMAN_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/cdmamodem/connman.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_CDMA_CONNMAN_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/cdmamodem/connman.c:84:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/cdmamodem/voicecall.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_CDMA_MAX_PHONE_NUMBER_LENGTH + 8];
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:257:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=\"%c\"", dtmf[0]);
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:259:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=%c", dtmf[0]);
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:263:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=\"%c\"", dtmf[i]);
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:265:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=%c", dtmf[i]);
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/hfpmodem/call-volume.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/hfpmodem/call-volume.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/hfpmodem/handsfree.c:363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/hfpmodem/handsfree.c:400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/hfpmodem/network-registration.c:52:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cind_pos[HFP_INDICATOR_LAST];
data/ofono-1.31/drivers/hfpmodem/network-registration.c:322:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nd->cind_pos, info->cind_pos, HFP_INDICATOR_LAST);
data/ofono-1.31/drivers/hfpmodem/network-registration.c:323:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nd->cind_val, info->cind_val, HFP_INDICATOR_LAST);
data/ofono-1.31/drivers/hfpmodem/siri.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char at_command[64];
data/ofono-1.31/drivers/hfpmodem/siri.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char at_command[16];
data/ofono-1.31/drivers/hfpmodem/slc.c:426:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/ofono-1.31/drivers/hfpmodem/slc.c:431:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AT+BAC=%d,%d", HFP_CODEC_CVSD,
data/ofono-1.31/drivers/hfpmodem/slc.c:434:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AT+BAC=%d", HFP_CODEC_CVSD);
data/ofono-1.31/drivers/hfpmodem/slc.c:454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/hfpmodem/slc.h:40:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cind_pos[HFP_INDICATOR_LAST];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:58:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cind_pos[HFP_INDICATOR_LAST];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:648:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/hfpmodem/voicecall.c:717:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=%c", dtmf[0]);
data/ofono-1.31/drivers/hfpmodem/voicecall.c:720:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=%c", dtmf[i]);
data/ofono-1.31/drivers/hfpmodem/voicecall.c:1273:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vd->cind_pos, info->cind_pos, HFP_INDICATOR_LAST);
data/ofono-1.31/drivers/hfpmodem/voicecall.c:1274:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vd->cind_val, info->cind_val, HFP_INDICATOR_LAST);
data/ofono-1.31/drivers/hsomodem/gprs-context.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/hsomodem/gprs-context.c:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[AUTH_BUF_LENGTH];
data/ofono-1.31/drivers/hsomodem/gprs-context.c:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/hsomodem/gprs-context.c:219:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/hsomodem/gprs-context.c:319:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/hsomodem/radio-settings.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/huaweimodem/gprs-context.c:106:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/huaweimodem/gprs-context.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/huaweimodem/gprs-context.c:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[136];
data/ofono-1.31/drivers/huaweimodem/gprs-context.c:288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ofono-1.31/drivers/huaweimodem/radio-settings.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/ofono-1.31/drivers/huaweimodem/ussd.c:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[160];
data/ofono-1.31/drivers/huaweimodem/ussd.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], coded_buf[321];
data/ofono-1.31/drivers/huaweimodem/voicecall.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/huaweimodem/voicecall.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:84:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:180:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[AUTH_BUF_LENGTH];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:281:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT%%IPDPCFG=%u,0,0,\"\",\"\"",
data/ofono-1.31/drivers/iceramodem/gprs-context.c:309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/iceramodem/gprs-context.c:315:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->username, ctx->username, sizeof(ctx->username));
data/ofono-1.31/drivers/iceramodem/gprs-context.c:316:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->password, ctx->password, sizeof(ctx->password));
data/ofono-1.31/drivers/iceramodem/gprs-context.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/iceramodem/radio-settings.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:152:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,2,%i", src);
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:160:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,3,%i", src);
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:178:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,4,%i,%i,%i,%i,%i,%i,%i,%i,%i,%i,%i",
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,5,%i,%i,%i,%i,%i,%i,%i,%i,%i,%i,%i",
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:211:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,6,%i,%i", src, dest);
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/audio-settings.c:221:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDRV=40,8,%i,%i", dest, volume);
data/ofono-1.31/drivers/ifxmodem/ctm.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gateway[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char netmask[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns1[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns2[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:121:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=0,%u", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:142:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:216:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGDATA=\"M-RAW_IP\",%d", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:284:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char datapath[256];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:313:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:442:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGPADDR=%u", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[384];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:499:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XGAUTH=%u,0,\"\",\"\"", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:508:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDNS=%u,1", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:511:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDNS=%u,2", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:514:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XDNS=%u,3", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:521:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=1,%u", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:549:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->username, ctx->username, sizeof(ctx->username));
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:550:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->password, ctx->password, sizeof(ctx->password));
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ifxmodem/gprs-context.c:618:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=0,%u", gcd->active_context);
data/ofono-1.31/drivers/ifxmodem/radio-settings.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/ifxmodem/stk.c:109:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+SATE=\"");
data/ofono-1.31/drivers/ifxmodem/stk.c:111:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/ifxmodem/stk.c:155:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+SATR=\"");
data/ofono-1.31/drivers/ifxmodem/stk.c:157:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/ifxmodem/stk.c:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/ifxmodem/voicecall.c:305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/ifxmodem/voicecall.c:415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/ifxmodem/voicecall.c:440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/ifxmodem/voicecall.c:471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/ifxmodem/voicecall.c:510:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s = sprintf(buf, "AT+VTS=%c", dtmf[0]);
data/ofono-1.31/drivers/ifxmodem/voicecall.c:513:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(buf + s, ";+VTS=%c", dtmf[i]);
data/ofono-1.31/drivers/isimodem/call-forwarding.c:243:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg + 13, ucs2, numlen * 2);
data/ofono-1.31/drivers/isimodem/debug.c:1428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3 * 16 + 1];
data/ofono-1.31/drivers/isimodem/debug.c:1429:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii[16 + 1];
data/ofono-1.31/drivers/isimodem/debug.c:1439:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex + j, " %02X", m[i]), j += 3;
data/ofono-1.31/drivers/isimodem/gprs-context.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apn[GPDS_MAX_APN_STRING_LENGTH + 1];
data/ofono-1.31/drivers/isimodem/gprs-context.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[GPDS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/isimodem/gprs-context.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[GPDS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/isimodem/gprs-context.c:204:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[5];
data/ofono-1.31/drivers/isimodem/gprs-context.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IF_NAMESIZE];
data/ofono-1.31/drivers/isimodem/network-registration.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nitz_name[OFONO_MAX_OPERATOR_NAME_LENGTH + 1];
data/ofono-1.31/drivers/isimodem/sim.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[SIM_MAX_IMSI_LENGTH + 1];
data/ofono-1.31/drivers/isimodem/sim.c:494:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[2 + SEC_CODE_MAX_LENGTH + 1] = {
data/ofono-1.31/drivers/isimodem/sim.c:523:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[2 + 2 * (SEC_CODE_MAX_LENGTH + 1)] = {
data/ofono-1.31/drivers/isimodem/sim.c:568:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[3 + SEC_CODE_MAX_LENGTH + 1] = {
data/ofono-1.31/drivers/isimodem/sim.c:616:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[2 + 2 * (SEC_CODE_MAX_LENGTH + 1)] = {
data/ofono-1.31/drivers/isimodem/sms.c:504:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sca_sb + 6, pdu, pdu_len - tpdu_len);
data/ofono-1.31/drivers/isimodem/sms.c:555:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sca_sb + 4, pdu, pdu_len - tpdu_len);
data/ofono-1.31/drivers/isimodem/sms.c:859:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu, addr.data, addr.len);
data/ofono-1.31/drivers/isimodem/sms.c:860:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + addr.len, tpdu.data, tpdu.len);
data/ofono-1.31/drivers/isimodem/sms.c:918:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu, addr.data, addr.len);
data/ofono-1.31/drivers/isimodem/sms.c:919:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + addr.len, tpdu.data, tpdu.len);
data/ofono-1.31/drivers/isimodem/uicc.c:772:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[MAX_IMSI_LENGTH + 1] = { 0 };
data/ofono-1.31/drivers/isimodem/voicecall.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[20];
data/ofono-1.31/drivers/isimodem/voicecall.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/ofono-1.31/drivers/isimodem/voicecall.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_pad[4];
data/ofono-1.31/drivers/isimodem/voicecall.c:642:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const address[21],
data/ofono-1.31/drivers/isimodem/voicecall.c:676:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const address[21],
data/ofono-1.31/drivers/isimodem/voicecall.c:1342:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char address[21],
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET6_ADDRSTRLEN];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:202:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns1[INET_ADDRSTRLEN];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns2[INET_ADDRSTRLEN];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:257:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns1[INET6_ADDRSTRLEN];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns2[INET6_ADDRSTRLEN];
data/ofono-1.31/drivers/mbimmodem/gprs-context.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[37];
data/ofono-1.31/drivers/mbimmodem/gprs.c:201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[37];
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:181:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, iter->iov[i].iov_base + offset - iov_start, tocopy);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:192:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, iter->iov[i].iov_base, tocopy);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:491:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg + i, src, 4);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:495:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg + i, src, n_elem - i);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:604:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->uuid, uuid, 16);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:647:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(binary, message->header, HEADER_SIZE);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:651:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(binary + pos, message->frags[i].iov_base,
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:715:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->header, header, HEADER_SIZE);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:858:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + i, src, 4);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:862:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + i, src, len - i);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:885:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->s_addr, buf + 4, 4);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:908:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->s6_addr, buf + 4, 16);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:924:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[64];
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1108:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(container->dbuf + start, value, len);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1113:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(container->sbuf + start, value, len);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1147:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(container->dbuf + start, utf16, len - 2);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(container->dbuf + start, bytes, len);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(container->sbuf + start, bytes, len);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1272:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parent->dbuf + start, container->sbuf, container->sbuf_pos);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1273:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parent->dbuf + start + container->sbuf_pos,
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parent->sbuf + start, container->sbuf, container->sbuf_pos);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parent->sbuf + start + container->sbuf_pos,
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1430:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(root->sbuf, builder->message->uuid, 16);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subsig[64];
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1632:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subsig, s + 1, sigend - s - 1);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1654:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subsig, s + 1, sigend - s - 1);
data/ofono-1.31/drivers/mbimmodem/mbim.c:208:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node->msg_hdr, msg_hdr, sizeof(*msg_hdr));
data/ofono-1.31/drivers/mbimmodem/mbim.c:209:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node->frag_hdr, frag_hdr, sizeof(*frag_hdr));
data/ofono-1.31/drivers/mbimmodem/mbim.c:480:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, header, header_size);
data/ofono-1.31/drivers/mbimmodem/mbim.c:484:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + pos, body[i].iov_base, body[i].iov_len);
data/ofono-1.31/drivers/mbimmodem/mbim.c:576:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[37];
data/ofono-1.31/drivers/mbmmodem/gprs-context.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[MAX_DNS + 1];
data/ofono-1.31/drivers/mbmmodem/gprs-context.c:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/mbmmodem/gprs-context.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/mbmmodem/gprs-context.c:369:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[AUTH_BUF_LENGTH];
data/ofono-1.31/drivers/mbmmodem/stk.c:93:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT*STKE=\"");
data/ofono-1.31/drivers/mbmmodem/stk.c:95:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/mbmmodem/stk.c:139:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT*STKR=\"");
data/ofono-1.31/drivers/mbmmodem/stk.c:141:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(buf + len, "%02hhX", *command++);
data/ofono-1.31/drivers/nwmodem/radio-settings.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/qmimodem/gprs-context.c:90:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3] = { NULL, NULL, NULL };
data/ofono-1.31/drivers/qmimodem/gprs-context.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns_buf[2][INET_ADDRSTRLEN];
data/ofono-1.31/drivers/qmimodem/nas.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[0];
data/ofono-1.31/drivers/qmimodem/nas.h:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[0];
data/ofono-1.31/drivers/qmimodem/nas.h:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[0];
data/ofono-1.31/drivers/qmimodem/network-registration.c:443:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
info.mcc = atoi(mcc);
data/ofono-1.31/drivers/qmimodem/network-registration.c:444:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
info.mnc = atoi(mnc);
data/ofono-1.31/drivers/qmimodem/qmi.c:206:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->buf + QMI_MUX_HDR_SIZE + headroom +
data/ofono-1.31/drivers/qmimodem/qmi.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[68];
data/ofono-1.31/drivers/qmimodem/qmi.c:500:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[72 + 16], *str;
data/ofono-1.31/drivers/qmimodem/qmi.c:513:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, "%c %d", dir, hdr->service);
data/ofono-1.31/drivers/qmimodem/qmi.c:543:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " [client=%d,type=%d,tid=%d,len=%d]",
data/ofono-1.31/drivers/qmimodem/qmi.c:575:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " [client=%d,type=%d,tid=%d,len=%d]",
data/ofono-1.31/drivers/qmimodem/qmi.c:587:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " ");
data/ofono-1.31/drivers/qmimodem/qmi.c:605:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " {type=%d,error=%d}",
data/ofono-1.31/drivers/qmimodem/qmi.c:608:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " {type=%d,len=%d}", tlv->type,
data/ofono-1.31/drivers/qmimodem/qmi.c:616:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, " ");
data/ofono-1.31/drivers/qmimodem/qmi.c:632:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[72 + 16];
data/ofono-1.31/drivers/qmimodem/qmi.c:863:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2048];
data/ofono-1.31/drivers/qmimodem/qmi.c:1454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100];
data/ofono-1.31/drivers/qmimodem/qmi.c:1509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_path[PATH_MAX];
data/ofono-1.31/drivers/qmimodem/qmi.c:1553:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(sysfs_path, O_RDONLY);
data/ofono-1.31/drivers/qmimodem/qmi.c:1619:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(sysfs_path, O_WRONLY);
data/ofono-1.31/drivers/qmimodem/qmi.c:1694:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->value, data, length);
data/ofono-1.31/drivers/qmimodem/qmi.c:1705:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1] = { value };
data/ofono-1.31/drivers/qmimodem/qmi.c:1713:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2] = { value & 0xff, (value & 0xff00) >> 8 };
data/ofono-1.31/drivers/qmimodem/qmi.c:1721:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4] = { value & 0xff, (value & 0xff00) >> 8,
data/ofono-1.31/drivers/qmimodem/qmi.c:1860:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, ptr, 2);
data/ofono-1.31/drivers/qmimodem/qmi.c:1881:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, ptr, 2);
data/ofono-1.31/drivers/qmimodem/qmi.c:1903:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, ptr, 4);
data/ofono-1.31/drivers/qmimodem/qmi.c:1925:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, ptr, 8);
data/ofono-1.31/drivers/qmimodem/sim-legacy.c:49:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3] = { 0x0f, 0xff, 0xff };
data/ofono-1.31/drivers/qmimodem/sim-legacy.c:67:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iccid[10];
data/ofono-1.31/drivers/qmimodem/sim.c:77:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char db_path[6];
data/ofono-1.31/drivers/qmimodem/sim.c:81:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(db_path, path, path_len);
data/ofono-1.31/drivers/qmimodem/sim.c:122:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3];
data/ofono-1.31/drivers/qmimodem/sim.c:171:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid_data[2] = { 0x00, 0x00 };
data/ofono-1.31/drivers/qmimodem/sim.c:172:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileid_data[9];
data/ofono-1.31/drivers/qmimodem/sim.c:236:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid_data[2] = { 0x00, 0x00 };
data/ofono-1.31/drivers/qmimodem/sim.c:237:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char read_data[4];
data/ofono-1.31/drivers/qmimodem/sim.c:238:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileid_data[9];
data/ofono-1.31/drivers/qmimodem/sim.c:282:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid_data[2] = { 0x00, 0x00 };
data/ofono-1.31/drivers/qmimodem/sim.c:283:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char read_data[4];
data/ofono-1.31/drivers/qmimodem/sim.c:284:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileid_data[9];
data/ofono-1.31/drivers/qmimodem/sim.c:365:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid_data[2] = { 0x00, 0x00 };
data/ofono-1.31/drivers/qmimodem/sim.c:366:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char write_data[4 + length];
data/ofono-1.31/drivers/qmimodem/sim.c:367:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileid_data[9];
data/ofono-1.31/drivers/qmimodem/sim.c:383:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&write_data[4], value, length);
data/ofono-1.31/drivers/qmimodem/sim.c:735:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char session_info_data[2];
data/ofono-1.31/drivers/qmimodem/sim.c:755:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info_data->pin_value, passwd, passwd_len);
data/ofono-1.31/drivers/qmimodem/sms.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4], number[OFONO_MAX_PHONE_NUMBER_LENGTH + 2];
data/ofono-1.31/drivers/qmimodem/sms.c:205:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(message->msg_data, pdu, pdu_len);
data/ofono-1.31/drivers/qmimodem/sms.c:526:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->msg_list->msg, list->msg, msg_size);
data/ofono-1.31/drivers/qmimodem/ussd.c:252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(qmi_ussd->data, utf8, utf8_len);
data/ofono-1.31/drivers/qmimodem/wms.h:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[3];
data/ofono-1.31/drivers/qmimodem/wms.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[0];
data/ofono-1.31/drivers/rilmodem/call-barring.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char svcs_str[4];
data/ofono-1.31/drivers/rilmodem/call-barring.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char svcs_str[4];
data/ofono-1.31/drivers/rilmodem/cbs.c:85:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
from = atoi(p);
data/ofono-1.31/drivers/rilmodem/cbs.c:90:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
to = atoi(pto + 1);
data/ofono-1.31/drivers/rilmodem/gprs-context.c:553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/rilmodem/gprs-context.c:581:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", tech);
data/ofono-1.31/drivers/rilmodem/gprs-context.c:610:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", auth_type);
data/ofono-1.31/drivers/rilmodem/gprs-context.c:616:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%u", ctx->cid);
data/ofono-1.31/drivers/rilmodem/lte.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/netmon.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/netmon.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/network-registration.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/network-registration.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/network-registration.c:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_MAX_MCC_LENGTH + OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/drivers/rilmodem/network-registration.c:735:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzs, tz[4];
data/ofono-1.31/drivers/rilmodem/network-registration.c:760:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tz, "%c%d", tzs, tzi);
data/ofono-1.31/drivers/rilmodem/network-registration.c:762:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/rilmodem/radio-settings.c:333:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_buf[9], gsm_band[4], umts_band[4];
data/ofono-1.31/drivers/rilmodem/radio-settings.c:336:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd_buf, "%d", cmd_id);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:340:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM_AUTOMATIC);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:343:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM850);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:346:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM900_P);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:349:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM900_E);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:352:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM1800);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:355:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gsm_band, "%d", PREF_NET_BAND_GSM1900);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:364:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_AUTOMATIC);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:367:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_V);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:370:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_VIII);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:373:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_IV);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:376:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_II);
data/ofono-1.31/drivers/rilmodem/radio-settings.c:379:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(umts_band, "%d", PREF_NET_BAND_UMTS_I);
data/ofono-1.31/drivers/rilmodem/sim.c:252:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char db_path[6] = { 0x00 };
data/ofono-1.31/drivers/rilmodem/sim.c:257:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(db_path, path, path_len);
data/ofono-1.31/drivers/rilmodem/sms.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[OFONO_MAX_PHONE_NUMBER_LENGTH + 4];
data/ofono-1.31/drivers/rilmodem/sms.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/ofono-1.31/drivers/rilmodem/sms.c:257:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", cmd_id);
data/ofono-1.31/drivers/rilmodem/sms.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[4];
data/ofono-1.31/drivers/rilmodem/sms.c:297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[4];
data/ofono-1.31/drivers/rilmodem/sms.c:312:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%d", cmd_id);
data/ofono-1.31/drivers/rilmodem/sms.c:314:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%d", bearer);
data/ofono-1.31/drivers/rilmodem/sms.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexbuf[tpdu_len * 2 + 1];
data/ofono-1.31/drivers/rilmodem/sms.c:414:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/drivers/rilmodem/stk.c:78:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
size += sprintf(buf + size, "%02hhX", *data++);
data/ofono-1.31/drivers/rilmodem/stk.c:132:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
size += sprintf(buf + size, "%02hhX", *cmd++);
data/ofono-1.31/drivers/rilmodem/voicecall.c:282:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nc->called_number, &oc->called_number,
data/ofono-1.31/drivers/rilmodem/voicecall.c:661:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vd->tone_queue, tmp_tone_queue, remaining);
data/ofono-1.31/drivers/rilmodem/voicecall.c:678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ril_dtmf[2];
data/ofono-1.31/drivers/speedupmodem/ussd.c:52:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[160];
data/ofono-1.31/drivers/speedupmodem/ussd.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], coded_buf[182];
data/ofono-1.31/drivers/stemodem/caif_rtnl.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[RTNL_MSG_SIZE];
data/ofono-1.31/drivers/stemodem/caif_rtnl.c:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IF_NAMESIZE];
data/ofono-1.31/drivers/stemodem/caif_rtnl.c:166:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTA_DATA(rta), data, datalen);
data/ofono-1.31/drivers/stemodem/caif_rtnl.c:184:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[RTNL_MSG_SIZE];
data/ofono-1.31/drivers/stemodem/caif_socket.h:164:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service[16];
data/ofono-1.31/drivers/stemodem/caif_socket.h:172:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume[16];
data/ofono-1.31/drivers/stemodem/gprs-context.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char interface[IF_NAMESIZE];
data/ofono-1.31/drivers/stemodem/gprs-context.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_address[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subnet_mask[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mtu[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns_server1[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns_server2[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_cscf_server[IP_ADDR_LEN];
data/ofono-1.31/drivers/stemodem/gprs-context.c:186:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[MAX_DNS + 1];
data/ofono-1.31/drivers/stemodem/gprs-context.c:249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/stemodem/gprs-context.c:280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[AUTH_BUF_LENGTH];
data/ofono-1.31/drivers/stemodem/gprs-context.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/stemodem/radio-settings.c:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/stemodem/voicecall.c:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/drivers/stemodem/voicecall.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/stemodem/voicecall.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/drivers/stemodem/voicecall.c:359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/swmodem/gprs-context.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/swmodem/gprs-context.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/swmodem/gprs-context.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/swmodem/gprs-context.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char netmask[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gateway[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns1[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns2[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:84:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=0,%u", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:106:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:193:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGDATA=\"M-RAW_IP\",%d", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:235:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGCONTRDP=%d", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:258:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGPADDR=%u", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[384];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:286:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT#PDPAUTH=%u,0", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:291:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT#NCM=1,%u", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:296:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=1,%u", gcd->active_context);
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:319:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->username, ctx->username, sizeof(ctx->username));
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:320:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcd->password, ctx->password, sizeof(ctx->password));
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:392:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=0,%u", gcd->active_context);
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:164:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3] = { NULL, NULL, NULL };
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[UBLOX_MAX_USER_LEN + UBLOX_MAX_PASS_LEN + 32];
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:449:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/drivers/ubloxmodem/lte.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32 + OFONO_GPRS_MAX_USERNAME_LENGTH +
data/ofono-1.31/drivers/ubloxmodem/lte.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32 + OFONO_GPRS_MAX_APN_LENGTH + 1];
data/ofono-1.31/drivers/ubloxmodem/network-registration.c:168:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/ubloxmodem/network-registration.c:213:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nd->time.utcoff = atoi(tz) * 15 * 60;
data/ofono-1.31/drivers/xmm7modem/netmon.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[3];
data/ofono-1.31/drivers/xmm7modem/netmon.c:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[3];
data/ofono-1.31/drivers/xmm7modem/radio-settings.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/drivers/ztemodem/radio-settings.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/dundee/bluez4.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/dundee/bluez4.c:157:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "dun/");
data/ofono-1.31/dundee/device.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[5];
data/ofono-1.31/dundee/device.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[6];
data/ofono-1.31/dundee/device.c:218:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dns[3] = { dns1, dns2, 0 };
data/ofono-1.31/ell/checksum.c:138:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *) salg.salg_type, "hash");
data/ofono-1.31/ell/checksum.c:406:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[64];
data/ofono-1.31/ell/checksum.c:434:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *) salg.salg_type, "hash");
data/ofono-1.31/ell/file.c:55:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY);
data/ofono-1.31/ell/gpio.c:112:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDONLY | O_CLOEXEC);
data/ofono-1.31/ell/log.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[64], *str;
data/ofono-1.31/ell/log.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prio[16], *str;
data/ofono-1.31/ell/main.c:399:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
msec = atoi(watchdog_usec) / 1000;
data/ofono-1.31/ell/string.c:160:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, size);
data/ofono-1.31/ell/string.c:218:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, max);
data/ofono-1.31/ell/string.c:354:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg->chars + arg->cur_len, mem, len);
data/ofono-1.31/ell/utf8.c:42:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
LIB_EXPORT unsigned char l_ascii_table[256] = {
data/ofono-1.31/ell/utf8.c:88:15: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t mins[3] = { 1 << 7, 1 << 11, 1 << 16 };
data/ofono-1.31/ell/util.c:123:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, mem, size);
data/ofono-1.31/ell/util.c:276:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, len);
data/ofono-1.31/ell/util.c:345:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *hexstring_common(const unsigned char *buf, size_t len,
data/ofono-1.31/ell/util.c:345:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *hexstring_common(const unsigned char *buf, size_t len,
data/ofono-1.31/ell/util.c:346:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char hexdigits[static 16])
data/ofono-1.31/ell/util.c:461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[68];
data/ofono-1.31/ell/util.c:525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[68];
data/ofono-1.31/ell/util.c:610:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX + 1];
data/ofono-1.31/ell/util.c:612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[100];
data/ofono-1.31/ell/util.c:618:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("/proc/mounts", "r");
data/ofono-1.31/ell/uuid.c:228:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
LIB_EXPORT bool l_uuid_from_string(const char *src, uint8_t uuid[16])
data/ofono-1.31/ell/uuid.c:258:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuid, buf, sizeof(buf));
data/ofono-1.31/ell/uuid.h:56:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool l_uuid_from_string(const char *src, uint8_t uuid[16]);
data/ofono-1.31/examples/history.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/examples/history.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/examples/history.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/examples/history.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/examples/history.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/examples/private-network.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[16];
data/ofono-1.31/examples/private-network.c:65:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/net/tun", O_RDWR);
data/ofono-1.31/examples/private-network.c:71:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ifr.ifr_name, "ppp%d");
data/ofono-1.31/gatchat/gatchat.c:271:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->cmd, cmd, len);
data/ofono-1.31/gatchat/gathdlc.c:142:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hdlc->record_fd = open(filename, O_WRONLY | O_CREAT | O_APPEND,
data/ofono-1.31/gatchat/gathdlc.c:540:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tail[2];
data/ofono-1.31/gatchat/gatmux.c:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MUX_BUFFER_SIZE]; /* Buffer on the main mux */
data/ofono-1.31/gatchat/gatmux.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/ofono-1.31/gatchat/gatmux.c:830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/gatchat/gatmux.c:915:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CMUX=%u,0,,%u", msd->mode, msd->frame_size);
data/ofono-1.31/gatchat/gatmux.c:917:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CMUX=%u,0,%u,%u", msd->mode, speed,
data/ofono-1.31/gatchat/gatmux.c:988:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp, data, len);
data/ofono-1.31/gatchat/gatmux.c:994:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[33];
data/ofono-1.31/gatchat/gatmux.c:1011:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resp + 2, data, len);
data/ofono-1.31/gatchat/gatppp.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[256];
data/ofono-1.31/gatchat/gatppp.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[256];
data/ofono-1.31/gatchat/gatrawip.c:184:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/net/tun", O_RDWR);
data/ofono-1.31/gatchat/gatrawip.c:190:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ifr.ifr_name, "gprs%d");
data/ofono-1.31/gatchat/gatresult.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[G_AT_RESULT_LINE_LENGTH_MAX + 1];
data/ofono-1.31/gatchat/gatserver.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_TEXT_SIZE + 1];
data/ofono-1.31/gatchat/gatserver.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ofono-1.31/gatchat/gatserver.c:218:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%u", (unsigned int)result);
data/ofono-1.31/gatchat/gatserver.c:263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_TEXT_SIZE + 1];
data/ofono-1.31/gatchat/gatserver.c:327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/gatchat/gatserver.c:344:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%03d", tmp);
data/ofono-1.31/gatchat/gatserver.c:402:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/gatchat/gatserver.c:617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[18]; /* According to V250, 5.4.1 */
data/ofono-1.31/gatchat/gatserver.c:736:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[4], tmp;
data/ofono-1.31/gatchat/gatserver.c:795:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefix + 1, buf + 1, prefix_size - 1);
data/ofono-1.31/gatchat/gattty.c:233:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tty, O_RDWR | O_NOCTTY | O_NONBLOCK);
data/ofono-1.31/gatchat/gattty.c:269:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(tty, O_RDWR | O_NOCTTY | O_NONBLOCK);
data/ofono-1.31/gatchat/gatutil.c:89:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(escaped_str + escaped, ctrlz, ctrlz_size);
data/ofono-1.31/gatchat/gatutil.c:93:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(escaped_str + escaped, esc, esc_size);
data/ofono-1.31/gatchat/gatutil.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[68];
data/ofono-1.31/gatchat/gsm0710.c:33:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char crc_table[256] = {
data/ofono-1.31/gatchat/gsm0710.c:349:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(frame + header_size, data, len);
data/ofono-1.31/gatchat/gsmdial.c:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/gatchat/gsmdial.c:150:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CFUN=%u", option_offmode);
data/ofono-1.31/gatchat/gsmdial.c:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/gatchat/gsmdial.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/gatchat/gsmdial.c:325:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CFUN=%u", option_offmode);
data/ofono-1.31/gatchat/gsmdial.c:390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/gatchat/gsmdial.c:398:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ATD*99***%u#", option_cid);
data/ofono-1.31/gatchat/gsmdial.c:400:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGDATA=\"PPP\",%u", option_cid);
data/ofono-1.31/gatchat/gsmdial.c:407:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ofono-1.31/gatchat/gsmdial.c:415:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "AT+CGDCONT=%u,\"IP\"", option_cid);
data/ofono-1.31/gatchat/ppp_auth.c:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(response->data + digest_len + 1, username,
data/ofono-1.31/gatchat/ppp_auth.c:275:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(authreq->data + 1, username, strlen(username));
data/ofono-1.31/gatchat/ppp_auth.c:277:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(authreq->data + 1 + strlen(username) + 1, password,
data/ofono-1.31/gatchat/ppp_cp.c:387:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, pppcp->local_options, pppcp->local_options_len);
data/ofono-1.31/gatchat/ppp_cp.c:427:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, cr_req->data, len);
data/ofono-1.31/gatchat/ppp_cp.c:454:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, cr_req->data, len);
data/ofono-1.31/gatchat/ppp_cp.c:464:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, pppcp->peer_options,
data/ofono-1.31/gatchat/ppp_cp.c:563:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, rejected_packet,
data/ofono-1.31/gatchat/ppp_cp.c:937:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packet->data, rejected_packet + 2, len - 2);
data/ofono-1.31/gatchat/ppp_ipcp.c:85:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(options + len + 2, var, 4); \
data/ofono-1.31/gatchat/ppp_ipcp.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[INET_ADDRSTRLEN];
data/ofono-1.31/gatchat/ppp_ipcp.c:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer[INET_ADDRSTRLEN];
data/ofono-1.31/gatchat/ppp_ipcp.c:149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns1[INET_ADDRSTRLEN];
data/ofono-1.31/gatchat/ppp_ipcp.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dns2[INET_ADDRSTRLEN];
data/ofono-1.31/gatchat/ppp_ipcp.c:209:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->local_addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:212:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->dns1, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:215:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->nbns1, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:218:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->dns2, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:221:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->nbns2, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:246:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->local_addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:250:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->dns1, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:254:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->nbns1, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:258:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->dns2, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:262:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->nbns2, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:326:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:333:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:339:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:357:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rej_options + rej_len + 2,
data/ofono-1.31/gatchat/ppp_ipcp.c:398:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipcp->peer_addr, data, 4);
data/ofono-1.31/gatchat/ppp_ipcp.c:421:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(options + len + 2, data, opt_len);
data/ofono-1.31/gatchat/ppp_ipv6cp.c:50:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_options + _len + 2, _var, _opt_len); \
data/ofono-1.31/gatchat/ppp_lcp.c:88:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lcp->options + len + 2, &accm, sizeof(accm));
data/ofono-1.31/gatchat/ppp_lcp.c:100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lcp->options + len + 2, &mru, sizeof(mru));
data/ofono-1.31/gatchat/ppp_net.c:157:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/net/tun", O_RDWR);
data/ofono-1.31/gatchat/ppp_net.c:166:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ifr.ifr_name, "ppp%d");
data/ofono-1.31/gatchat/ringbuffer.c:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer+offset, d, end);
data/ofono-1.31/gatchat/ringbuffer.c:88:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer, d + end, len - end);
data/ofono-1.31/gatchat/ringbuffer.c:128:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, buf->buffer + offset, end);
data/ofono-1.31/gatchat/ringbuffer.c:131:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d + end, buf->buffer, len - end);
data/ofono-1.31/gatchat/test-qcdm.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comp_date[11];
data/ofono-1.31/gatchat/test-qcdm.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comp_time[8];
data/ofono-1.31/gatchat/test-qcdm.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rel_date[11];
data/ofono-1.31/gatchat/test-qcdm.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rel_time[8];
data/ofono-1.31/gatchat/test-qcdm.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model[8];
data/ofono-1.31/gatchat/test-qcdm.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[12];
data/ofono-1.31/gatchat/test-qcdm.c:102:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmdbuf[1];
data/ofono-1.31/gatchat/test-qcdm.c:111:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmdbuf[4];
data/ofono-1.31/gatchat/test-server.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/gatchat/test-server.c:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/gatchat/test-server.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/ofono-1.31/gatchat/test-server.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/gatchat/test-server.c:399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/gatchat/test-server.c:448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/gatchat/test-server.c:497:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/ofono-1.31/gatchat/test-server.c:661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/ofono-1.31/gatchat/test-server.c:671:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CPMS: (\"SM\",\"ME\"),(\"SM\",\"ME\"),(\"SM\")");
data/ofono-1.31/gatchat/test-server.c:684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/ofono-1.31/gatchat/test-server.c:694:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CNMI: (0,1,2,3),(0,1),(0,1,2),(0),(0,1)");
data/ofono-1.31/gatchat/test-server.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/ofono-1.31/gatchat/test-server.c:717:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CSCS: \"GSM\",\"IRA\",\"UCS2\"");
data/ofono-1.31/gatchat/test-server.c:746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/ofono-1.31/gatchat/test-server.c:756:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CPBS: (\"FD\",\"SM\",\"SN\")");
data/ofono-1.31/gatchat/test-server.c:851:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pty_name[256];
data/ofono-1.31/gatchat/test-server.c:1140:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi(optarg);
data/ofono-1.31/gdbus/client.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_as_str[2];
data/ofono-1.31/gdbus/client.c:742:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char array_sig[3];
data/ofono-1.31/gdbus/client.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_sig[2];
data/ofono-1.31/gdbus/object.c:1413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1024];
data/ofono-1.31/gdbus/watch.c:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rule[DBUS_MAXIMUM_MATCH_RULE_LENGTH];
data/ofono-1.31/gdbus/watch.c:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rule[DBUS_MAXIMUM_MATCH_RULE_LENGTH];
data/ofono-1.31/gisi/iter.c:177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&val, iter->start + pos, sizeof(uint16_t));
data/ofono-1.31/gisi/iter.c:190:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&val, iter->start + pos, sizeof(uint32_t));
data/ofono-1.31/gisi/message.c:139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&val, buf + offset, sizeof(uint16_t));
data/ofono-1.31/gisi/modem.c:720:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, iov[i].iov_base, iov[i].iov_len);
data/ofono-1.31/gisi/netlink.c:162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SIZE_NLMSG];
data/ofono-1.31/gisi/netlink.c:316:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SIZE_NLMSG];
data/ofono-1.31/gisi/netlink.c:353:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/gisi/pep.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[IF_NAMESIZE];
data/ofono-1.31/gisi/server.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&server->version, version, sizeof(GIsiVersion));
data/ofono-1.31/gisi/socket.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[IF_NAMESIZE];
data/ofono-1.31/gril/gril.c:117:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char print_buf[RIL_PRINT_BUF_SIZE] __attribute__((used));
data/ofono-1.31/gril/gril.c:281:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->data, &header, sizeof(header));
data/ofono-1.31/gril/gril.c:284:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->data + sizeof(header), rilp->data, data_len);
data/ofono-1.31/gril/gril.c:510:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datap, bufp, data_len);
data/ofono-1.31/gril/grilutil.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char temp_str[32];
data/ofono-1.31/gril/grilutil.c:492:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[68];
data/ofono-1.31/gril/parcel.c:133:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->data + p->offset, gs16, gs16_size);
data/ofono-1.31/gril/parcel.c:236:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->data + p->offset, data, len);
data/ofono-1.31/gril/parcel.c:269:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, p->data + p->offset, *len);
data/ofono-1.31/include/gprs-context.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apn[OFONO_GPRS_MAX_APN_LENGTH + 1];
data/ofono-1.31/include/gprs-context.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/include/gprs-context.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/include/lte.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char apn[OFONO_GPRS_MAX_APN_LENGTH + 1];
data/ofono-1.31/include/lte.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_GPRS_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/include/lte.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_GPRS_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/include/netreg.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[OFONO_MAX_OPERATOR_NAME_LENGTH + 1];
data/ofono-1.31/include/netreg.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/include/netreg.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/include/sim.h:87:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char access[3],
data/ofono-1.31/include/types.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[OFONO_MAX_PHONE_NUMBER_LENGTH + 1];
data/ofono-1.31/include/types.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[OFONO_CDMA_MAX_PHONE_NUMBER_LENGTH];
data/ofono-1.31/include/types.h:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[OFONO_MAX_CALLER_NAME_LENGTH + 1];
data/ofono-1.31/include/types.h:122:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uuid[OFONO_SHA1_UUID_LEN];
data/ofono-1.31/linux/gpio.h:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/ofono-1.31/linux/gpio.h:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[32];
data/ofono-1.31/linux/gpio.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/ofono-1.31/linux/gpio.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char consumer[32];
data/ofono-1.31/linux/gpio.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char consumer_label[32];
data/ofono-1.31/linux/gpio.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char consumer_label[32];
data/ofono-1.31/linux/gsmmux.h:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char if_name[IFNAMSIZ]; /* interface name format string */
data/ofono-1.31/plugins/bluez4.c:568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char laddress[18], raddress[18];
data/ofono-1.31/plugins/calypso.c:80:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *debug_prefixes[NUM_DLC] = { "Voice: ", "Net: ", "SMS: ", "Aux: " };
data/ofono-1.31/plugins/calypso.c:351:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_WRONLY);
data/ofono-1.31/plugins/gobi.c:328:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_RDWR | O_NONBLOCK | O_CLOEXEC);
data/ofono-1.31/plugins/hfp_ag_bluez5.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[BT_ADDR_SIZE], remote[BT_ADDR_SIZE];
data/ofono-1.31/plugins/hfp_hf_bluez4.c:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/plugins/hfp_hf_bluez4.c:224:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "hfp/");
data/ofono-1.31/plugins/hfp_hf_bluez5.c:360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/ofono-1.31/plugins/hfp_hf_bluez5.c:374:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AT+BAC=%d,%d", HFP_CODEC_CVSD,
data/ofono-1.31/plugins/hfp_hf_bluez5.c:377:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AT+BAC=%d", HFP_CODEC_CVSD);
data/ofono-1.31/plugins/hfp_hf_bluez5.c:383:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "AT+BCS=%d", value);
data/ofono-1.31/plugins/hfp_hf_bluez5.c:610:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[18], remote[18];
data/ofono-1.31/plugins/ifx.c:75:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *dlc_prefixes[NUM_DLC] = { "Voice: ", "Net: ", "GPRS1: ",
data/ofono-1.31/plugins/ifx.c:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *dlc_nodes[NUM_DLC] = { "/dev/ttyGSM1", "/dev/ttyGSM2",
data/ofono-1.31/plugins/ifx.c:552:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->mux_ldisc = atoi(ldisc);
data/ofono-1.31/plugins/mbim.c:290:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_EXCL | O_NONBLOCK | O_RDWR);
data/ofono-1.31/plugins/mbpi.c:572:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(MBPI_DATABASE, O_RDONLY);
data/ofono-1.31/plugins/nokia-gpio.c:150:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r+");
data/ofono-1.31/plugins/nokia-gpio.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/ofono-1.31/plugins/nokia-gpio.c:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/ofono-1.31/plugins/phonesim.c:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_GPRS_MAX_APN_LENGTH + 128];
data/ofono-1.31/plugins/phonesim.c:170:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+CGACT=1,%u", ctx->cid);
data/ofono-1.31/plugins/phonesim.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/plugins/phonesim.c:339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/plugins/phonesim.c:794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/plugins/phonesim.c:1073:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ofono_modem_set_integer(modem, "Port", atoi(value));
data/ofono-1.31/plugins/provision.c:90:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*settings + i, ap,
data/ofono-1.31/plugins/ril_intel.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/ofono-1.31/plugins/ril_intel.c:216:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", cmd_id);
data/ofono-1.31/plugins/ril_intel.c:220:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", enable ? 1 : 0);
data/ofono-1.31/plugins/ril_intel.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/ofono-1.31/plugins/ril_intel.c:414:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", cmd_id);
data/ofono-1.31/plugins/ril_intel.c:577:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/ofono-1.31/plugins/ril_intel.c:588:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", cmd_id);
data/ofono-1.31/plugins/rildev.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[64];
data/ofono-1.31/plugins/sap.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/plugins/sap.c:254:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "sap/");
data/ofono-1.31/plugins/sim900.c:59:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *dlc_prefixes[NUM_DLC] = { "Voice: ", "Net: ", "SMS: ",
data/ofono-1.31/plugins/ste.c:78:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *chat_prefixes[NUM_CHAT] = { "Default: ", "Net: ", "Voice: ",
data/ofono-1.31/plugins/ste.c:280:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_RDWR);
data/ofono-1.31/plugins/stktest.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/plugins/telit.c:262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model[32];
data/ofono-1.31/plugins/telit.c:263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char variant[32];
data/ofono-1.31/plugins/u8500.c:592:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imei[16]; /* IMEI 15 digits + 1 null*/
data/ofono-1.31/plugins/u8500.c:594:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("/etc/imei", "r");
data/ofono-1.31/plugins/udevng.c:971:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char descriptors[PATH_MAX];
data/ofono-1.31/plugins/udevng.c:1093:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ofono_modem_set_integer(modem->modem, "Address", atoi(value));
data/ofono-1.31/plugins/xmm7xxx.c:385:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(band, "BAND_LTE_%d", band_lte);
data/ofono-1.31/plugins/xmm7xxx.c:387:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(band, "INVALID");
data/ofono-1.31/plugins/xmm7xxx.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/plugins/xmm7xxx.c:483:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AT+XNRTCWS=65535,%u,%u,%u", (int)wlan_active,
data/ofono-1.31/plugins/xmm7xxx.c:854:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char band[BAND_LEN];
data/ofono-1.31/src/bluetooth.h:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(bdaddr_t));
data/ofono-1.31/src/bluetooth.h:73:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(str, "%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X",
data/ofono-1.31/src/call-barring.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char property_name[64];
data/ofono-1.31/src/call-barring.c:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char property_name[64];
data/ofono-1.31/src/call-barring.c:591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char property_name[64];
data/ofono-1.31/src/call-forwarding.c:158:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cond, &list[i],
data/ofono-1.31/src/call-forwarding.c:214:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/ofono-1.31/src/call-forwarding.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[64];
data/ofono-1.31/src/call-forwarding.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tattr[72];
data/ofono-1.31/src/call-forwarding.c:432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[64];
data/ofono-1.31/src/call-forwarding.c:433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tattr[64];
data/ofono-1.31/src/call-forwarding.c:1300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[64];
data/ofono-1.31/src/call-meter.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currency[4];
data/ofono-1.31/src/call-settings.c:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/src/call-settings.c:396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prop[128];
data/ofono-1.31/src/cbs.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/cbs.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/cbs.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso639_lang[3];
data/ofono-1.31/src/cdma-connman.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[OFONO_CDMA_CONNMAN_MAX_USERNAME_LENGTH + 1];
data/ofono-1.31/src/cdma-connman.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[OFONO_CDMA_CONNMAN_MAX_PASSWORD_LENGTH + 1];
data/ofono-1.31/src/cdma-connman.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[5];
data/ofono-1.31/src/cdma-connman.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[6];
data/ofono-1.31/src/cdma-smsutil.c:146:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char dtmf_digits[13] = {0, '1', '2', '3', '4', '5', '6',
data/ofono-1.31/src/cdma-smsutil.c:166:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[CDMA_SMS_MAX_ADDR_FIELDS + 1];
data/ofono-1.31/src/cdma-smsutil.c:275:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, ud->chari, ud->num_fields);
data/ofono-1.31/src/cdma-voicecall.c:85:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/ofono-1.31/src/common.c:427:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[OFONO_MAX_PHONE_NUMBER_LENGTH + 2];
data/ofono-1.31/src/common.c:456:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[OFONO_CDMA_MAX_PHONE_NUMBER_LENGTH + 1];
data/ofono-1.31/src/common.c:743:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[OFONO_SHA1_UUID_LEN * 2 + 1];
data/ofono-1.31/src/dbus.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sig[2];
data/ofono-1.31/src/dbus.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[2];
data/ofono-1.31/src/dbus.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[3];
data/ofono-1.31/src/dbus.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[5];
data/ofono-1.31/src/dbus.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[6];
data/ofono-1.31/src/emulator.c:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/src/emulator.c:384:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CIEV: %d,%d", i, ind->value);
data/ofono-1.31/src/emulator.c:401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[OFONO_MAX_PHONE_NUMBER_LENGTH + 14 + 1];
data/ofono-1.31/src/emulator.c:432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[OFONO_MAX_PHONE_NUMBER_LENGTH + 14 + 1];
data/ofono-1.31/src/emulator.c:468:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/ofono-1.31/src/emulator.c:483:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+BRSF: %d", em->l_features);
data/ofono-1.31/src/emulator.c:517:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "+CIND: ");
data/ofono-1.31/src/emulator.c:549:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buf, "+CIND: ");
data/ofono-1.31/src/emulator.c:578:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/src/emulator.c:582:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CMER: %d,0,0,%d,0", em->events_mode,
data/ofono-1.31/src/emulator.c:589:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CMER: (0,3),(0),(0),(0,1),(0)");
data/ofono-1.31/src/emulator.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/ofono-1.31/src/emulator.c:781:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CMEE: %d", em->cmee_mode);
data/ofono-1.31/src/emulator.c:788:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CMEE: (0,1)");
data/ofono-1.31/src/emulator.c:856:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/src/emulator.c:868:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+BIND: (1)");
data/ofono-1.31/src/emulator.c:1313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/src/emulator.c:1321:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CMS ERROR: %d", final->error);
data/ofono-1.31/src/emulator.c:1328:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CME ERROR: %d", final->error);
data/ofono-1.31/src/emulator.c:1515:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/src/emulator.c:1549:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CIEV: %d,%d", i, ind->value);
data/ofono-1.31/src/emulator.c:1595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ofono-1.31/src/emulator.c:1606:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+CIEV: %d,%d", i, ind->value);
data/ofono-1.31/src/emulator.c:1647:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/src/emulator.c:1660:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "+BIND: %d,%d", HFP_HF_INDICATOR_ENHANCED_SAFETY, active);
data/ofono-1.31/src/emulator.c:1686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/src/gprs.c:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_CONTEXT_NAME_LENGTH + 1];
data/ofono-1.31/src/gprs.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_proxy[MAX_MESSAGE_PROXY_LENGTH + 1];
data/ofono-1.31/src/gprs.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_center[MAX_MESSAGE_CENTER_LENGTH + 1];
data/ofono-1.31/src/gprs.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[5];
data/ofono-1.31/src/gprs.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[6];
data/ofono-1.31/src/gprs.c:418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typesig[5];
data/ofono-1.31/src/gprs.c:419:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[6];
data/ofono-1.31/src/gprs.c:1403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/ofono-1.31/src/gprs.c:1430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/ofono-1.31/src/gprs.c:2921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[INET_ADDRSTRLEN];
data/ofono-1.31/src/handsfree-audio.c:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[18], remote[18];
data/ofono-1.31/src/handsfree-audio.c:571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[64];
data/ofono-1.31/src/handsfree.c:78:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *list[32];
data/ofono-1.31/src/handsfree.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arraysig[3];
data/ofono-1.31/src/log.c:174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20], buf[PATH_MAX * 2];
data/ofono-1.31/src/log.c:301:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX];
data/ofono-1.31/src/lte.c:259:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(<e->pending_info, <e->info, sizeof(lte->info));
data/ofono-1.31/src/message-waiting.c:51:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efmbdn_record_id[5];
data/ofono-1.31/src/message-waiting.c:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *mw_message_waiting_property_name[5] = {
data/ofono-1.31/src/message-waiting.c:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *mw_message_count_property_name[5] = {
data/ofono-1.31/src/message-waiting.c:92:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *mw_mailbox_property_name[5] = {
data/ofono-1.31/src/message-waiting.c:181:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efmbdn[255];
data/ofono-1.31/src/message-waiting.c:244:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(old, &req->number, sizeof(struct ofono_phone_number));
data/ofono-1.31/src/message-waiting.c:280:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efmbdn[255];
data/ofono-1.31/src/message-waiting.c:400:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mw->messages[mailbox], info, sizeof(struct mailbox_state));
data/ofono-1.31/src/message-waiting.c:681:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efmwis[255]; /* Max record size */
data/ofono-1.31/src/message.c:129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v->uuid, uuid, sizeof(*uuid));
data/ofono-1.31/src/message.c:244:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[256];
data/ofono-1.31/src/modem.c:1792:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, property->value, sizeof(int));
data/ofono-1.31/src/modem.c:1795:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, property->value, sizeof(ofono_bool_t));
data/ofono-1.31/src/modem.c:1893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/ofono-1.31/src/network.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[OFONO_MAX_OPERATOR_NAME_LENGTH + 1];
data/ofono-1.31/src/network.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/network.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/network.c:295:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[256];
data/ofono-1.31/src/network.c:357:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[1024];
data/ofono-1.31/src/network.c:358:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mccmnc[OFONO_MAX_MCC_LENGTH + OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/network.c:524:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mccmnc[OFONO_MAX_MCC_LENGTH + OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/network.c:903:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[256];
data/ofono-1.31/src/network.c:925:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/network.c:926:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/network.c:2008:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[17];
data/ofono-1.31/src/network.c:2009:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ofono-1.31/src/phonebook.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ofono-1.31/src/phonebook.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[LEN_MAX];
data/ofono-1.31/src/phonebook.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/src/phonebook.c:195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[LEN_MAX];
data/ofono-1.31/src/phonebook.c:209:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[LEN_MAX];
data/ofono-1.31/src/phonebook.c:224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[LEN_MAX];
data/ofono-1.31/src/radio-settings.c:245:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rats[sizeof(uint32_t) * CHAR_BIT + 1];
data/ofono-1.31/src/sim-auth.c:655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[3];
data/ofono-1.31/src/sim-auth.c:656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[3];
data/ofono-1.31/src/sim-auth.c:659:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mcc, imsi, 3);
data/ofono-1.31/src/sim-auth.c:662:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mnc, imsi + 3, 3);
data/ofono-1.31/src/sim-auth.c:665:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mnc + 1, imsi + 3, 2);
data/ofono-1.31/src/sim-auth.c:709:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->aid, r->aid, 16);
data/ofono-1.31/src/sim-auth.c:724:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->aid, r->aid, 16);
data/ofono-1.31/src/sim.c:87:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cphs_service_table[2];
data/ofono-1.31/src/sim.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/sim.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/sim.c:633:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efmsisdn[255];
data/ofono-1.31/src/sim.c:1156:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/src/sim.c:1227:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/src/sim.c:1396:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(own, &ph, sizeof(struct ofono_phone_number));
data/ofono-1.31/src/sim.c:1483:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sdn->ph, &ph, sizeof(struct ofono_phone_number));
data/ofono-1.31/src/sim.c:1583:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(efimg, &data[1], 9);
data/ofono-1.31/src/sim.c:1756:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[17]; /* IMSI max length is 15 + 1 for NULL + 1 waste */
data/ofono-1.31/src/sim.c:2054:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sim->cphs_service_table, data + 1, 2);
data/ofono-1.31/src/sim.c:2210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[3];
data/ofono-1.31/src/sim.c:2339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iccid[21]; /* ICCID max length is 20 + 1 for NULL */
data/ofono-1.31/src/sim.c:3418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[OFONO_MAX_PHONE_NUMBER_LENGTH + 18 + 1];
data/ofono-1.31/src/simfs.c:68:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/src/simfs.c:84:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitmap[32];
data/ofono-1.31/src/simfs.c:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op->buffer + bufoff, data + dataoff, tocopy);
data/ofono-1.31/src/simfs.c:551:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/ofono-1.31/src/simfs.c:623:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:632:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileinfo[SIM_CACHE_HEADER_SIZE];
data/ofono-1.31/src/simfs.c:663:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs->fd = L_TFR(open(path, O_WRONLY | O_CREAT | O_TRUNC, SIM_CACHE_MODE));
data/ofono-1.31/src/simfs.c:680:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:749:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileinfo[SIM_CACHE_HEADER_SIZE];
data/ofono-1.31/src/simfs.c:764:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = L_TFR(open(path, O_RDWR));
data/ofono-1.31/src/simfs.c:795:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fs->bitmap, fileinfo + SIM_FILE_INFO_SIZE,
data/ofono-1.31/src/simfs.c:856:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char access[3],
data/ofono-1.31/src/simfs.c:1077:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op->path, path, path_len);
data/ofono-1.31/src/simfs.c:1191:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = L_TFR(open(path, O_RDONLY));
data/ofono-1.31/src/simutil.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/simutil.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/simutil.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/simutil.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/simutil.c:1257:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, alpha, alpha_written);
data/ofono-1.31/src/simutil.c:1303:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/src/simutil.c:1336:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/src/simutil.c:1377:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char acc[3];
data/ofono-1.31/src/simutil.c:1474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(access, acc, 3);
data/ofono-1.31/src/simutil.c:1576:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(app.aid, aid, app.aid_len);
data/ofono-1.31/src/simutil.c:1629:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + pos, rand, 16);
data/ofono-1.31/src/simutil.c:1634:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + pos, autn, 16);
data/ofono-1.31/src/simutil.h:318:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid[16];
data/ofono-1.31/src/sms.c:93:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/src/sms.c:1188:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[176];
data/ofono-1.31/src/sms.c:1265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/src/sms.c:1967:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&txq_entry->uuid.uuid, &backup_entry->uuid,
data/ofono-1.31/src/sms.c:2128:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuid, &entry->uuid, sizeof(*uuid));
data/ofono-1.31/src/smsagent.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/src/smsutil.c:487:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vp->enhanced, pdu + *offset, 7);
data/ofono-1.31/src/smsutil.c:513:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, vp->enhanced, 7);
data/ofono-1.31/src/smsutil.c:531:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[10];
data/ofono-1.31/src/smsutil.c:611:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + 2, p, (sc ? addr_len - 1 : (addr_len + 1) / 2));
data/ofono-1.31/src/smsutil.c:736:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:781:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->deliver.ud, pdu + offset, expected);
data/ofono-1.31/src/smsutil.c:813:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:849:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:941:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->submit_err_report.ud,
data/ofono-1.31/src/smsutil.c:945:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->submit_ack_report.ud,
data/ofono-1.31/src/smsutil.c:1000:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:1076:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->status_report.ud, pdu + offset, expected);
data/ofono-1.31/src/smsutil.c:1107:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:1141:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:1226:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->deliver_err_report.ud,
data/ofono-1.31/src/smsutil.c:1230:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->deliver_ack_report.ud,
data/ofono-1.31/src/smsutil.c:1279:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->ud, ud_oct_len);
data/ofono-1.31/src/smsutil.c:1384:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->submit.ud, pdu + offset, expected);
data/ofono-1.31/src/smsutil.c:1418:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + *offset, in->cd, in->cdl);
data/ofono-1.31/src/smsutil.c:1463:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->command.cd, pdu + offset, out->command.cdl);
data/ofono-1.31/src/smsutil.c:1809:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, &iter->data[iter->offset + 2], ie_len);
data/ofono-1.31/src/smsutil.c:1869:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(remote, &t, sizeof(struct tm));
data/ofono-1.31/src/smsutil.c:1888:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[64];
data/ofono-1.31/src/smsutil.c:2190:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, ud + taken, udl - taken);
data/ofono-1.31/src/smsutil.c:2260:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[160];
data/ofono-1.31/src/smsutil.c:2317:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf16 + utf16_size, from, num_ucs2_chars);
data/ofono-1.31/src/smsutil.c:2380:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[12];
data/ofono-1.31/src/smsutil.c:2392:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[12];
data/ofono-1.31/src/smsutil.c:2421:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[177];
data/ofono-1.31/src/smsutil.c:2485:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[177];
data/ofono-1.31/src/smsutil.c:2657:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&node->addr, addr, sizeof(struct sms_address));
data/ofono-1.31/src/smsutil.c:2672:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newsms, sms, sizeof(struct sms));
data/ofono-1.31/src/smsutil.c:2763:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgid_str[SMS_MSGID_LEN * 2 + 1];
data/ofono-1.31/src/smsutil.c:2764:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msgid[SMS_MSGID_LEN];
data/ofono-1.31/src/smsutil.c:2869:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgid_str[SMS_MSGID_LEN * 2 + 1];
data/ofono-1.31/src/smsutil.c:2895:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgid_str[SMS_MSGID_LEN * 2 + 1];
data/ofono-1.31/src/smsutil.c:3091:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_msgid, msgid, SMS_MSGID_LEN);
data/ofono-1.31/src/smsutil.c:3220:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[177];
data/ofono-1.31/src/smsutil.c:3290:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[SMS_MSGID_LEN * 2 + 1];
data/ofono-1.31/src/smsutil.c:3349:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[177];
data/ofono-1.31/src/smsutil.c:3355:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 1, pdu, pdu_len);
data/ofono-1.31/src/smsutil.c:3423:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sms, in, sizeof(struct sms));
data/ofono-1.31/src/smsutil.c:3487:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(template.submit.ud + offset, data, len);
data/ofono-1.31/src/smsutil.c:3523:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(template.submit.ud + offset, data + written, chunk);
data/ofono-1.31/src/smsutil.c:3647:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(template.submit.ud + offset, ucs2_encoded, written);
data/ofono-1.31/src/smsutil.c:3705:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(template.submit.ud + offset,
data/ofono-1.31/src/smsutil.c:3888:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->ud, pdu + 6, 82);
data/ofono-1.31/src/smsutil.c:3902:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdu + 6, cbs->ud, 82);
data/ofono-1.31/src/smsutil.c:4123:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unpacked[CBS_MAX_GSM_CHARS];
data/ofono-1.31/src/smsutil.c:4417:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newcbs, cbs, sizeof(struct cbs));
data/ofono-1.31/src/smsutil.c:4455:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newcbs, cbs, sizeof(struct cbs));
data/ofono-1.31/src/smsutil.c:4545:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitmap[125];
data/ofono-1.31/src/smsutil.c:4687:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(ret + len, "%hu-%hu",
data/ofono-1.31/src/smsutil.c:4690:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(ret + len, "%hu", range->min);
data/ofono-1.31/src/smsutil.h:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[23];
data/ofono-1.31/src/smsutil.h:434:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uuid[SMS_MSGID_LEN];
data/ofono-1.31/src/smsutil.h:467:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define DECLARE_SMS_ADDR_STR(a) char a[25]
data/ofono-1.31/src/stk.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op->tlv, tlv, tlv_len);
data/ofono-1.31/src/stk.c:284:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&e.cbs_pp_download.page, msg, sizeof(*msg));
data/ofono-1.31/src/stk.c:319:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&e.sms_pp_download.message, &msg->deliver, sizeof(msg->deliver));
data/ofono-1.31/src/stk.c:391:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(attr.attributes, &item_attrs->list[i * 4], 4);
data/ofono-1.31/src/stk.c:1776:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[256];
data/ofono-1.31/src/stk.c:1874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[256];
data/ofono-1.31/src/stk.c:2214:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[17];
data/ofono-1.31/src/stk.c:2359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[3];
data/ofono-1.31/src/stk.c:2369:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lang, l, 2);
data/ofono-1.31/src/stk.c:2485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dtmf[256];
data/ofono-1.31/src/stkutil.c:161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*text, data, len);
data/ofono-1.31/src/stkutil.c:181:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(array->array, data, len);
data/ofono-1.31/src/stkutil.c:332:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subaddr->subaddr, data, len);
data/ofono-1.31/src/stkutil.c:355:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ccp->ccp, data, len);
data/ofono-1.31/src/stkutil.c:377:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp->page, data, len);
data/ofono-1.31/src/stkutil.c:498:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result->additional, data + 1, len - 1);
data/ofono-1.31/src/stkutil.c:518:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tpdu->tpdu, data, len);
data/ofono-1.31/src/stkutil.c:588:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(us->string, data + 1, us->len);
data/ofono-1.31/src/stkutil.c:615:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sf->file, sf_iter.file, sf_iter.len);
data/ofono-1.31/src/stkutil.c:721:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nmr, data, len);
data/ofono-1.31/src/stkutil.c:761:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inai->list, data, len);
data/ofono-1.31/src/stkutil.c:782:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(el->list, data, len);
data/ofono-1.31/src/stkutil.c:805:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cause->cause, data, len);
data/ofono-1.31/src/stkutil.c:832:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ti->list, data, len);
data/ofono-1.31/src/stkutil.c:907:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iiil->list, data + 1, iiil->len);
data/ofono-1.31/src/stkutil.c:934:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ca->atr, data, len);
data/ofono-1.31/src/stkutil.c:974:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ca->data, data+5, ca->lc);
data/ofono-1.31/src/stkutil.c:1002:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ra->data, data, ra->len);
data/ofono-1.31/src/stkutil.c:1129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lang, data, len);
data/ofono-1.31/src/stkutil.c:1210:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f->file, data, len);
data/ofono-1.31/src/stkutil.c:1299:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status, data, 2);
data/ofono-1.31/src/stkutil.c:1317:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cr_id->id, data, len);
data/ofono-1.31/src/stkutil.c:1346:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&oa->addr.ipv4, data + 1, 4);
data/ofono-1.31/src/stkutil.c:1348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&oa->addr.ipv6, data + 1, 16);
data/ofono-1.31/src/stkutil.c:1383:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aid->aid, data, len);
data/ofono-1.31/src/stkutil.c:1436:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sr->serv_rec, data + 2, sr->len);
data/ofono-1.31/src/stkutil.c:1463:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(df->dev_filter, data + 1, df->len);
data/ofono-1.31/src/stkutil.c:1490:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss->ser_search, data + 1, ss->len);
data/ofono-1.31/src/stkutil.c:1517:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ai->attr_info, data + 1, ai->len);
data/ofono-1.31/src/stkutil.c:1555:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rea->addr, data + 1, len - 1);
data/ofono-1.31/src/stkutil.c:1573:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(esn, data, len);
data/ofono-1.31/src/stkutil.c:1588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_apn[100];
data/ofono-1.31/src/stkutil.c:1607:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(decoded_apn + offset, data + 1, label_size);
data/ofono-1.31/src/stkutil.c:1646:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(attr->attributes, data, len);
data/ofono-1.31/src/stkutil.c:1667:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pcap->par, data, len);
data/ofono-1.31/src/stkutil.c:1686:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ital->list, data, len);
data/ofono-1.31/src/stkutil.c:1786:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fl->size, data + 1, fl->len);
data/ofono-1.31/src/stkutil.c:1861:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(meid, data, 8);
data/ofono-1.31/src/stkutil.c:1879:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mr->ref, data, len);
data/ofono-1.31/src/stkutil.c:1897:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mi->id, data, len);
data/ofono-1.31/src/stkutil.c:1915:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mts->status, data, len);
data/ofono-1.31/src/stkutil.c:1933:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mci->id, data, len);
data/ofono-1.31/src/stkutil.c:2018:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bni->loc_info, data + 1, bni->len);
data/ofono-1.31/src/stkutil.c:4027:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->value + iter->len, gsm, written);
data/ofono-1.31/src/stkutil.c:4053:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->value + iter->len, ucs2, ucs2_len);
data/ofono-1.31/src/stkutil.c:4090:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->value + iter->len, data, length);
data/ofono-1.31/src/stkutil.c:4454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte0[3];
data/ofono-1.31/src/stkutil.c:5067:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte0[3];
data/ofono-1.31/src/stkutil.c:6413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[3];
data/ofono-1.31/src/stkutil.h:759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:760:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:1128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:1129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:1136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnc[OFONO_MAX_MNC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:1137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[OFONO_MAX_MCC_LENGTH + 1];
data/ofono-1.31/src/stkutil.h:1287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language[3];
data/ofono-1.31/src/stkutil.h:1690:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language_selection[3];
data/ofono-1.31/src/storage.c:99:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = L_TFR(open(path, O_RDONLY));
data/ofono-1.31/src/ussd.c:579:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[160];
data/ofono-1.31/src/ussd.c:649:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[160];
data/ofono-1.31/src/util.c:3652:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&result[1], ucs2, converted);
data/ofono-1.31/src/voicecall.c:202:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/ofono-1.31/src/voicecall.c:698:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[256];
data/ofono-1.31/src/voicecall.c:2679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char en[7];
data/ofono-1.31/src/voicecall.c:2714:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char en[7];
data/ofono-1.31/src/voicecall.c:3248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20 + OFONO_MAX_PHONE_NUMBER_LENGTH + 3 + 1];
data/ofono-1.31/src/voicecall.c:3305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ofono-1.31/src/voicecall.c:3423:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "+CHLD: (", 8);
data/ofono-1.31/src/voicecall.c:3575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[OFONO_MAX_PHONE_NUMBER_LENGTH + 1];
data/ofono-1.31/src/voicecall.c:3610:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(number, str, len - 1);
data/ofono-1.31/tools/get-location.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/tools/huawei-audio.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/ofono-1.31/tools/huawei-audio.c:118:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
modem->dsp_out = open("/dev/dsp", O_WRONLY, 0);
data/ofono-1.31/tools/huawei-audio.c:133:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/ttyUSB1", O_RDWR | O_NOCTTY);
data/ofono-1.31/tools/stktest.c:156:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512+1];
data/ofono-1.31/tools/stktest.c:160:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + i * 2, "%02hhX", data[i]);
data/ofono-1.31/tools/stktest.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ofono-1.31/tools/stktest.c:456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/ofono-1.31/tools/stktest.c:500:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/ofono-1.31/tools/tty-redirector.c:146:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDWR | O_NOCTTY | O_CLOEXEC);
data/ofono-1.31/tools/tty-redirector.c:170:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDWR | O_NOCTTY | O_CLOEXEC);
data/ofono-1.31/tools/tty-redirector.c:184:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/ofono-1.31/unit/rilmodem-test-server.c:101:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &rsp, sizeof(rsp));
data/ofono-1.31/unit/rilmodem-test-server.c:106:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufp, sd->rtd->rsp_data, sd->rtd->rsp_size);
data/ofono-1.31/unit/test-caif.c:48:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/chnlat11", O_RDWR);
data/ofono-1.31/unit/test-simutil.c:93:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512], *pdu;
data/ofono-1.31/unit/test-simutil.c:119:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ber_tlv_builder_get_data(&nested_builder),
data/ofono-1.31/unit/test-simutil.c:135:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char efpnn0[64], efpnn1[64];
data/ofono-1.31/unit/test-simutil.c:194:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/ofono-1.31/unit/test-simutil.c:199:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3];
data/ofono-1.31/unit/test-simutil.c:413:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char access[3];
data/ofono-1.31/unit/test-simutil.c:481:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/unit/test-simutil.c:492:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char path[6];
data/ofono-1.31/unit/test-simutil.c:503:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char auth_cmd[40];
data/ofono-1.31/unit/test-simutil.c:504:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char rand[16] = { 0x00, 0x01, 0x02, 0x03, 0x04,0x05,
data/ofono-1.31/unit/test-simutil.c:507:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char sres[4] = { 0x00, 0x11, 0x22, 0x33 };
data/ofono-1.31/unit/test-simutil.c:509:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char kc[8] = { 0xab, 0xcd, 0xef, 0x12, 0x34, 0x56,
data/ofono-1.31/unit/test-simutil.c:514:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char autn[16] = { 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a,
data/ofono-1.31/unit/test-simutil.c:517:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char res[8] = { 0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa,
data/ofono-1.31/unit/test-simutil.c:520:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char ck[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66,
data/ofono-1.31/unit/test-simutil.c:523:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char ik[16] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd,
data/ofono-1.31/unit/test-simutil.c:526:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char auts[16] = { 0xde, 0xea, 0xbe, 0xef, 0xde, 0xea,
data/ofono-1.31/unit/test-sms-root.c:69:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ofono-1.31/unit/test-sms.c:293:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:444:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:534:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char evm_iei[140];
data/ofono-1.31/unit/test-sms.c:545:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char special_iei[4];
data/ofono-1.31/unit/test-sms.c:941:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ie_data[4];
data/ofono-1.31/unit/test-sms.c:1018:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:1109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:1182:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_char[6];
data/ofono-1.31/unit/test-sms.c:1266:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf8 + i, utf8_char, stride);
data/ofono-1.31/unit/test-sms.c:1281:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(utf8 + i, utf8_char, stride);
data/ofono-1.31/unit/test-sms.c:1331:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[88];
data/ofono-1.31/unit/test-sms.c:1335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso639_lang[3];
data/ofono-1.31/unit/test-sms.c:1394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso639_lang[3];
data/ofono-1.31/unit/test-sms.c:1479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso639_lang[3];
data/ofono-1.31/unit/test-sms.c:1569:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pdu[176];
data/ofono-1.31/unit/test-sms.c:1574:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sha1[SMS_MSGID_LEN] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
data/ofono-1.31/unit/test-sms.c:1577:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char id[SMS_MSGID_LEN];
data/ofono-1.31/unit/test-sms.c:1738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char long_string[152*33 + 1];
data/ofono-1.31/unit/test-stkutil.c:14862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language[3];
data/ofono-1.31/unit/test-util.c:414:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/ofono-1.31/unit/test-util.c:470:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/ofono-1.31/unit/test-util.c:951:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/ofono-1.31/btio/btio.c:1196:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(sock, &c, 1) < 0) {
data/ofono-1.31/drivers/atmodem/atutil.c:171:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, str,
data/ofono-1.31/drivers/atmodem/atutil.c:175:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(call->phone_number.number) > 0)
data/ofono-1.31/drivers/atmodem/atutil.c:286:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (r == FALSE || strlen(str) != 1)
data/ofono-1.31/drivers/atmodem/atutil.c:488:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line += strlen(prefix);
data/ofono-1.31/drivers/atmodem/call-barring.c:88:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lock) != 2)
data/ofono-1.31/drivers/atmodem/call-barring.c:126:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lock) != 2 || (cls && passwd == NULL))
data/ofono-1.31/drivers/atmodem/call-barring.c:169:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lock) != 2)
data/ofono-1.31/drivers/atmodem/call-forwarding.c:97:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[num].phone_number.number, str, maxlen);
data/ofono-1.31/drivers/atmodem/gnss.c:112:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = g_try_new(char, strlen(xml) + 10);
data/ofono-1.31/drivers/atmodem/network-registration.c:66:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mcc, str, OFONO_MAX_MCC_LENGTH);
data/ofono-1.31/drivers/atmodem/network-registration.c:70:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mnc, str + OFONO_MAX_MCC_LENGTH, OFONO_MAX_MNC_LENGTH);
data/ofono-1.31/drivers/atmodem/network-registration.c:360:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.name, name, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/atmodem/network-registration.c:363:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.mcc, nd->mcc, OFONO_MAX_MCC_LENGTH);
data/ofono-1.31/drivers/atmodem/network-registration.c:366:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.mnc, nd->mnc, OFONO_MAX_MNC_LENGTH);
data/ofono-1.31/drivers/atmodem/network-registration.c:528:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(l) > 0) {
data/ofono-1.31/drivers/atmodem/network-registration.c:530:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[num].name, l,
data/ofono-1.31/drivers/atmodem/network-registration.c:537:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 0 && !have_long)
data/ofono-1.31/drivers/atmodem/network-registration.c:538:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[num].name, s,
data/ofono-1.31/drivers/atmodem/sim.c:748:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(entries[num]) < 5)
data/ofono-1.31/drivers/atmodem/sim.c:1266:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (needs_wavecom_sim_quirk(sd->vendor) && ok && strlen(final) > 7)
data/ofono-1.31/drivers/atmodem/sim.c:1696:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cmd + ret, "\"");
data/ofono-1.31/drivers/atmodem/sim.c:1913:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cmd + ret, "\"");
data/ofono-1.31/drivers/atmodem/sms.c:151:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sca.number, number, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/atmodem/sms.c:388:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hexpdu) > sizeof(pdu) * 2) {
data/ofono-1.31/drivers/atmodem/sms.c:456:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hexpdu) > sizeof(pdu) * 2) {
data/ofono-1.31/drivers/atmodem/sms.c:502:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hexpdu) > sizeof(pdu) * 2)
data/ofono-1.31/drivers/atmodem/sms.c:695:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hexpdu) > sizeof(pdu) * 2)
data/ofono-1.31/drivers/atmodem/ussd.c:77:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(content) > sizeof(buf) * 2) /* Hex, 2 chars / byte */
data/ofono-1.31/drivers/atmodem/voicecall.c:126:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/atmodem/voicecall.c:224:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nc->name, oc->name,
data/ofono-1.31/drivers/atmodem/voicecall.c:363:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/atmodem/voicecall.c:412:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/ofono-1.31/drivers/atmodem/voicecall.c:415:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "i");
data/ofono-1.31/drivers/atmodem/voicecall.c:421:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/atmodem/voicecall.c:621:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dtmf);
data/ofono-1.31/drivers/atmodem/voicecall.c:772:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/atmodem/voicecall.c:789:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/atmodem/voicecall.c:838:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->called_number.number, num,
data/ofono-1.31/drivers/atmodem/voicecall.c:880:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 0)
data/ofono-1.31/drivers/atmodem/voicecall.c:892:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->name, name,
data/ofono-1.31/drivers/atmodem/voicecall.c:936:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/atmodem/voicecall.c:1035:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ph.number, num, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/calypsomodem/stk.c:109:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/calypsomodem/stk.c:156:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/calypsomodem/voicecall.c:89:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/ofono-1.31/drivers/calypsomodem/voicecall.c:92:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "i");
data/ofono-1.31/drivers/calypsomodem/voicecall.c:98:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/calypsomodem/voicecall.c:191:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dtmf);
data/ofono-1.31/drivers/calypsomodem/voicecall.c:273:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0) {
data/ofono-1.31/drivers/calypsomodem/voicecall.c:352:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call.phone_number.number, num,
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:248:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dtmf);
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:357:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, str,
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:361:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > 0)
data/ofono-1.31/drivers/gemaltomodem/voicecall.c:496:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ph.number, num, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/hfpmodem/handsfree.c:178:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[num].number, number,
data/ofono-1.31/drivers/hfpmodem/handsfree.c:328:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(phone_number.number, num,
data/ofono-1.31/drivers/hfpmodem/network-registration.c:89:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.name, name, HFP_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/hfpmodem/voicecall.c:125:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/hfpmodem/voicecall.c:396:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/hfpmodem/voicecall.c:699:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dtmf);
data/ofono-1.31/drivers/hfpmodem/voicecall.c:786:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/hfpmodem/voicecall.c:911:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/hfpmodem/voicecall.c:926:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/huaweimodem/voicecall.c:71:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/huaweimodem/voicecall.c:125:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/ofono-1.31/drivers/huaweimodem/voicecall.c:128:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "i");
data/ofono-1.31/drivers/huaweimodem/voicecall.c:134:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/huaweimodem/voicecall.c:237:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/huaweimodem/voicecall.c:254:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/huaweimodem/voicecall.c:287:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/ifxmodem/stk.c:112:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/ifxmodem/stk.c:158:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/ifxmodem/voicecall.c:102:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/ifxmodem/voicecall.c:316:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/ofono-1.31/drivers/ifxmodem/voicecall.c:319:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "i");
data/ofono-1.31/drivers/ifxmodem/voicecall.c:325:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/ifxmodem/voicecall.c:500:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dtmf);
data/ofono-1.31/drivers/ifxmodem/voicecall.c:608:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/ifxmodem/voicecall.c:625:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/ifxmodem/voicecall.c:665:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 0)
data/ofono-1.31/drivers/ifxmodem/voicecall.c:677:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->name, name, OFONO_MAX_CALLER_NAME_LENGTH);
data/ofono-1.31/drivers/ifxmodem/voicecall.c:720:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/ifxmodem/voicecall.c:733:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/ifxmodem/voicecall.c:766:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) == 0) {
data/ofono-1.31/drivers/ifxmodem/voicecall.c:783:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/ifxmodem/voicecall.c:943:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ph.number, num, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/isimodem/call-forwarding.c:206:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t numlen = strlen(number->number);
data/ofono-1.31/drivers/isimodem/call-forwarding.c:360:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list.phone_number.number, number,
data/ofono-1.31/drivers/isimodem/debug.c:1435:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(hex, ""), j = 0;
data/ofono-1.31/drivers/isimodem/debug.c:1436:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(ascii, "."), k = 1;
data/ofono-1.31/drivers/isimodem/gprs-context.c:359:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t username_len = strlen(cd->username);
data/ofono-1.31/drivers/isimodem/gprs-context.c:360:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t password_len = strlen(cd->password);
data/ofono-1.31/drivers/isimodem/gprs-context.c:419:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t apn_len = strlen(cd->apn);
data/ofono-1.31/drivers/isimodem/gprs-context.c:532:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ctx->apn) >= GPDS_MAX_APN_STRING_LENGTH
data/ofono-1.31/drivers/isimodem/gprs-context.c:533:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen(ctx->username) >= GPDS_MAX_USERNAME_LENGTH
data/ofono-1.31/drivers/isimodem/gprs-context.c:534:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| strlen(ctx->password) >= GPDS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/drivers/isimodem/gprs-context.c:537:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cd->apn, ctx->apn, GPDS_MAX_APN_STRING_LENGTH);
data/ofono-1.31/drivers/isimodem/gprs-context.c:544:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cd->username, ctx->username, GPDS_MAX_USERNAME_LENGTH);
data/ofono-1.31/drivers/isimodem/gprs-context.c:546:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cd->password, ctx->password, GPDS_MAX_PASSWORD_LENGTH);
data/ofono-1.31/drivers/isimodem/network-registration.c:497:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.name, tag, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/isimodem/network-registration.c:621:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op->name, tag, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/isimodem/network-registration.c:883:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nd->nitz_name, tag, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/isimodem/sim.c:498:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = 2 + strlen(passwd) + 1;
data/ofono-1.31/drivers/isimodem/sms.c:363:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bcd[0] = 1 + (strlen(sca->number) + 1) / 2;
data/ofono-1.31/drivers/isimodem/uicc.c:159:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (read = 0; read < fcp_len; read += item_len + 2) {
data/ofono-1.31/drivers/isimodem/uicc.c:1034:77: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static gboolean decode_fcp_pin_status(const GIsiSubBlockIter *iter, uint8_t read,
data/ofono-1.31/drivers/isimodem/uicc.c:1045:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!g_isi_sb_iter_get_byte(iter, &do_len, read))
data/ofono-1.31/drivers/isimodem/uicc.c:1098:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (read = 0; read < fcp_len; read += item_len + 2) {
data/ofono-1.31/drivers/isimodem/voicecall.c:230:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->address, addr, sizeof(call->address) - 1);
data/ofono-1.31/drivers/isimodem/voicecall.c:274:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->name, name, sizeof(call->name));
data/ofono-1.31/drivers/isimodem/voicecall.c:371:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->address, addr, sizeof call->address);
data/ofono-1.31/drivers/isimodem/voicecall.c:447:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ocall.clip_validity == 0 && strlen(number->number) == 0)
data/ofono-1.31/drivers/isimodem/voicecall.c:450:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ocall.cnap_validity == 0 && strlen(call->name) == 0)
data/ofono-1.31/drivers/isimodem/voicecall.c:646:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t addr_len = strlen(address);
data/ofono-1.31/drivers/isimodem/voicecall.c:680:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t addr_len = strlen(address);
data/ofono-1.31/drivers/isimodem/voicecall.c:1009:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(number->number, addr, len);
data/ofono-1.31/drivers/isimodem/voicecall.c:1346:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t addr_len = strlen(address);
data/ofono-1.31/drivers/isimodem/voicecall.c:1445:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t str_len = strlen(string);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:222:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sig_len = strlen(sig_start);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1226:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(signature) > sizeof(((struct container *) 0)->signature) - 1)
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1299:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(signature) > sizeof(((struct container *) 0)->signature) - 1)
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1361:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(signature) > sizeof(((struct container *) 0)->signature) - 1)
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1480:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(signature) > sizeof(subsig) - 1)
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1487:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stack[stack_index].sig_end = signature + strlen(signature);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1601:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stack[stack_index].sig_end = str + strlen(str);
data/ofono-1.31/drivers/mbimmodem/mbim-message.c:1621:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stack[stack_index].sig_end = str + strlen(str);
data/ofono-1.31/drivers/mbimmodem/mbim.c:424:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t len = L_TFR(read(fd,
data/ofono-1.31/drivers/mbimmodem/mbim.c:761:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = L_TFR(read(fd, buf,
data/ofono-1.31/drivers/mbimmodem/mbim.c:868:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = L_TFR(read(fd, buf,
data/ofono-1.31/drivers/mbimmodem/network-registration.c:180:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.name, provider_name, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/mbimmodem/network-registration.c:183:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.mcc, provider_id, OFONO_MAX_MCC_LENGTH);
data/ofono-1.31/drivers/mbimmodem/network-registration.c:186:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op.mnc, provider_id + OFONO_MAX_MCC_LENGTH,
data/ofono-1.31/drivers/mbimmodem/sms.c:106:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sca.number, p, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/mbmmodem/stk.c:96:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/mbmmodem/stk.c:142:9: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(buf + len, "\"");
data/ofono-1.31/drivers/qmimodem/gprs-context.c:280:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ctx->apn), ctx->apn);
data/ofono-1.31/drivers/qmimodem/gprs-context.c:291:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ctx->username), ctx->username);
data/ofono-1.31/drivers/qmimodem/gprs-context.c:295:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ctx->password), ctx->password);
data/ofono-1.31/drivers/qmimodem/lte.c:93:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(info->apn), info->apn);
data/ofono-1.31/drivers/qmimodem/network-registration.c:145:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(operator->name, plmn->desc, opname_len);
data/ofono-1.31/drivers/qmimodem/network-registration.c:319:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[i].name, netinfo->desc, netinfo->desc_len);
data/ofono-1.31/drivers/qmimodem/qmi.c:870:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(device->fd, buf, sizeof(buf));
data/ofono-1.31/drivers/qmimodem/qmi.c:1560:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &value, 1) != 1) {
data/ofono-1.31/drivers/qmimodem/sim-legacy.c:84:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/ofono-1.31/drivers/qmimodem/sim.c:742:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
passwd_len = strlen(passwd);
data/ofono-1.31/drivers/qmimodem/sms.c:80:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sca.number, smsc->addr + 1, smsc->addr_len - 1);
data/ofono-1.31/drivers/qmimodem/sms.c:84:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sca.number, smsc->addr, smsc->addr_len);
data/ofono-1.31/drivers/qmimodem/sms.c:153:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(number), number);
data/ofono-1.31/drivers/qmimodem/sms.c:155:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(type), type);
data/ofono-1.31/drivers/qmimodem/ussd.c:236:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8_len = strlen(utf8);
data/ofono-1.31/drivers/rilmodem/call-forwarding.c:101:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(list[i].phone_number.number, str,
data/ofono-1.31/drivers/rilmodem/gprs-context.c:424:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ifname == NULL || strlen(ifname) == 0) {
data/ofono-1.31/drivers/rilmodem/lte.c:80:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->apn) > 0) {
data/ofono-1.31/drivers/rilmodem/netmon.c:162:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s_mcc, "");
data/ofono-1.31/drivers/rilmodem/netmon.c:167:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s_mnc, "");
data/ofono-1.31/drivers/rilmodem/netmon.c:195:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s_mcc, "");
data/ofono-1.31/drivers/rilmodem/netmon.c:200:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s_mnc, "");
data/ofono-1.31/drivers/rilmodem/network-registration.c:235:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mcc, str, OFONO_MAX_MCC_LENGTH);
data/ofono-1.31/drivers/rilmodem/network-registration.c:239:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mnc, str + OFONO_MAX_MCC_LENGTH, OFONO_MAX_MNC_LENGTH);
data/ofono-1.31/drivers/rilmodem/network-registration.c:393:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op->name, lalpha, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/rilmodem/network-registration.c:395:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(op->name, salpha, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/drivers/rilmodem/sms.c:124:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sca.number, number, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/drivers/rilmodem/sms.c:427:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ril_pdu_len = strlen(ril_pdu);
data/ofono-1.31/drivers/rilmodem/voicecall.c:186:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, number,
data/ofono-1.31/drivers/rilmodem/voicecall.c:194:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->name, name,
data/ofono-1.31/drivers/rilmodem/voicecall.c:202:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(call->phone_number.number) > 0)
data/ofono-1.31/drivers/rilmodem/voicecall.c:629:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(number.number, tmp_number,
data/ofono-1.31/drivers/rilmodem/voicecall.c:659:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int remaining = strlen(tmp_tone_queue);
data/ofono-1.31/drivers/rilmodem/voicecall.c:683:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vd->tone_queue) == 0)
data/ofono-1.31/drivers/stemodem/caif_rtnl.c:88:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifname, RTA_DATA(attr), IF_NAMESIZE - 1);
data/ofono-1.31/drivers/stemodem/gprs-context.c:121:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rsp->current, text, IP_ADDR_LEN);
data/ofono-1.31/drivers/stemodem/gprs-context.c:208:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(res_string);
data/ofono-1.31/drivers/stemodem/voicecall.c:123:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->phone_number.number, num,
data/ofono-1.31/drivers/stemodem/voicecall.c:204:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "I");
data/ofono-1.31/drivers/stemodem/voicecall.c:207:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "i");
data/ofono-1.31/drivers/stemodem/voicecall.c:211:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ";");
data/ofono-1.31/drivers/stemodem/voicecall.c:386:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = g_try_new(char, strlen(dtmf) + 8);
data/ofono-1.31/drivers/stemodem/voicecall.c:508:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(num) > 0)
data/ofono-1.31/drivers/telitmodem/gprs-context-ncm.c:176:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&ip_mask[strlen(gcd->address) + 1],
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:368:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
u_len = strlen(username);
data/ofono-1.31/drivers/ubloxmodem/gprs-context.c:369:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_len = strlen(password);
data/ofono-1.31/drivers/ubloxmodem/lte.c:135:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->apn) > 0)
data/ofono-1.31/drivers/ubloxmodem/lte.c:143:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->apn) > 0)
data/ofono-1.31/dundee/main.c:67:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, &si, sizeof(si));
data/ofono-1.31/ell/file.c:67:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(fd, contents + bytes_read, 4096);
data/ofono-1.31/ell/log.c:89:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
data/ofono-1.31/ell/log.c:231:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iov[4].iov_len = strlen(file);
data/ofono-1.31/ell/log.c:237:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iov[7].iov_len = strlen(line);
data/ofono-1.31/ell/log.c:243:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iov[10].iov_len = strlen(func);
data/ofono-1.31/ell/main.c:344:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = send(notify_fd, state, strlen(state), MSG_NOSIGNAL);
data/ofono-1.31/ell/main.c:384:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, sock, sizeof(addr.sun_path) - 1);
data/ofono-1.31/ell/signal.c:97:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, &si, sizeof(si));
data/ofono-1.31/ell/string.c:156:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(src);
data/ofono-1.31/ell/strv.c:189:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(str_array[i]);
data/ofono-1.31/ell/timeout.c:76:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(timeout->fd, &expired, sizeof(expired));
data/ofono-1.31/ell/util.c:263:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t src_len = src ? strlen(src) : 0;
data/ofono-1.31/ell/util.c:304:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(str);
data/ofono-1.31/ell/util.c:305:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(prefix);
data/ofono-1.31/ell/util.c:334:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(str);
data/ofono-1.31/ell/util.c:335:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
suffix_len = strlen(suffix);
data/ofono-1.31/ell/util.c:622:9: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
while (fscanf(fp, "%*s %" L_STRINGIFY(PATH_MAX) "s %99s %*s %*d %*d\n",
data/ofono-1.31/ell/uuid.c:236:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(src) < 16 * 2 + 4)
data/ofono-1.31/gatchat/gatchat.c:264:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cmd);
data/ofono-1.31/gatchat/gatchat.c:848:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cmd->cmd);
data/ofono-1.31/gatchat/gatchat.c:875:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(chat->wakeup);
data/ofono-1.31/gatchat/gatchat.c:1062:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chat->cmd_bytes_written != strlen(cmd->cmd))
data/ofono-1.31/gatchat/gatchat.c:1195:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefix == NULL || strlen(prefix) == 0)
data/ofono-1.31/gatchat/gatppp.c:587:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (username && strlen(username) > 255)
data/ofono-1.31/gatchat/gatppp.c:590:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (password && strlen(password) > 255)
data/ofono-1.31/gatchat/gatresult.c:45:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int prefix_len = prefix ? strlen(prefix) : 0;
data/ofono-1.31/gatchat/gatresult.c:50:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:65:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (iter->line_pos < strlen(line) &&
data/ofono-1.31/gatchat/gatresult.c:124:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:173:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:225:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:280:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:315:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:347:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:393:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:443:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iter->line_pos = skip_to_next_field(line, skipped_to, strlen(line));
data/ofono-1.31/gatchat/gatresult.c:460:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatresult.c:470:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (iter->line_pos < strlen(line) &&
data/ofono-1.31/gatchat/gatresult.c:489:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/ofono-1.31/gatchat/gatserver.c:191:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(result) > 2048)
data/ofono-1.31/gatchat/gatserver.c:268:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > 2048)
data/ofono-1.31/gatchat/gatserver.c:812:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/ofono-1.31/gatchat/gatserver.c:825:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(line);
data/ofono-1.31/gatchat/gatserver.c:1442:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefix == NULL || strlen(prefix) == 0)
data/ofono-1.31/gatchat/gatserver.c:1465:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefix == NULL || strlen(prefix) == 0)
data/ofono-1.31/gatchat/gatutil.c:41:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gsize esc_size = strlen(esc);
data/ofono-1.31/gatchat/gatutil.c:43:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gsize ctrlz_size = strlen(ctrlz);
data/ofono-1.31/gatchat/gsmdial.c:138:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(signal_fd, &si, sizeof(si));
data/ofono-1.31/gatchat/ppp_auth.c:108:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_checksum_update(checksum, (guchar *) secret, strlen(secret));
data/ofono-1.31/gatchat/ppp_auth.c:121:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
response_length += strlen(username);
data/ofono-1.31/gatchat/ppp_auth.c:140:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(username));
data/ofono-1.31/gatchat/ppp_auth.c:260:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = sizeof(*authreq) + strlen(username) + strlen(password) + 2;
data/ofono-1.31/gatchat/ppp_auth.c:260:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = sizeof(*authreq) + strlen(username) + strlen(password) + 2;
data/ofono-1.31/gatchat/ppp_auth.c:274:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
authreq->data[0] = (unsigned char) strlen(username);
data/ofono-1.31/gatchat/ppp_auth.c:275:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(authreq->data + 1, username, strlen(username));
data/ofono-1.31/gatchat/ppp_auth.c:276:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
authreq->data[strlen(username) + 1] = (unsigned char)strlen(password);
data/ofono-1.31/gatchat/ppp_auth.c:276:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
authreq->data[strlen(username) + 1] = (unsigned char)strlen(password);
data/ofono-1.31/gatchat/ppp_auth.c:277:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(authreq->data + 1 + strlen(username) + 1, password,
data/ofono-1.31/gatchat/ppp_auth.c:278:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(password));
data/ofono-1.31/gatchat/ppp_net.c:67:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, net->if_name, IFNAMSIZ - 1);
data/ofono-1.31/gatchat/test-server.c:1011:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, sock_path, sizeof(addr.sun_path) - 1);
data/ofono-1.31/gatchat/test-server.c:1065:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(signal_fd, &si, sizeof(si));
data/ofono-1.31/gdbus/object.c:703:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(parent_path))
data/ofono-1.31/gril/gril.c:831:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, sock_path, sizeof(addr.sun_path) - 1);
data/ofono-1.31/plugins/file-provision.c:58:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
setting_group = g_try_malloc(strlen("operator:") + strlen(mcc) +
data/ofono-1.31/plugins/file-provision.c:58:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
setting_group = g_try_malloc(strlen("operator:") + strlen(mcc) +
data/ofono-1.31/plugins/file-provision.c:59:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(mnc) + 2);
data/ofono-1.31/plugins/nokia-gpio.c:221:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(20000);
data/ofono-1.31/src/call-barring.c:396:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sic) > 0)
data/ofono-1.31/src/call-barring.c:399:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dn) > 0)
data/ofono-1.31/src/call-barring.c:436:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sib) > 0) {
data/ofono-1.31/src/call-barring.c:767:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(prefix);
data/ofono-1.31/src/call-forwarding.c:223:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
number_len = strlen(cfu_voice->phone_number.number);
data/ofono-1.31/src/call-forwarding.c:600:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(prefix);
data/ofono-1.31/src/call-forwarding.c:630:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(prefix);
data/ofono-1.31/src/call-forwarding.c:788:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(number) > 0 && !valid_phone_number_format(number))
data/ofono-1.31/src/call-forwarding.c:1090:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) &&
data/ofono-1.31/src/call-forwarding.c:1102:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (type == SS_CONTROL_TYPE_ACTIVATION && strlen(sia) > 0)
data/ofono-1.31/src/call-forwarding.c:1109:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sib) > 0) {
data/ofono-1.31/src/call-forwarding.c:1124:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sic) > 0) {
data/ofono-1.31/src/call-meter.c:138:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) > 3) {
data/ofono-1.31/src/call-meter.c:146:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cm->currency, value, 3);
data/ofono-1.31/src/call-meter.c:503:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) > 3)
data/ofono-1.31/src/call-settings.c:513:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sib) || strlen(sib) || strlen(dn))
data/ofono-1.31/src/call-settings.c:513:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sib) || strlen(sib) || strlen(dn))
data/ofono-1.31/src/call-settings.c:513:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sib) || strlen(sib) || strlen(dn))
data/ofono-1.31/src/call-settings.c:522:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) > 0) {
data/ofono-1.31/src/call-settings.c:698:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (type != SS_CONTROL_TYPE_QUERY || strlen(sia) || strlen(sib) ||
data/ofono-1.31/src/call-settings.c:698:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (type != SS_CONTROL_TYPE_QUERY || strlen(sia) || strlen(sib) ||
data/ofono-1.31/src/call-settings.c:699:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:699:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:811:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(sia) && !strlen(sib) & !strlen(sic) &&
data/ofono-1.31/src/call-settings.c:811:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(sia) && !strlen(sib) & !strlen(sic) &&
data/ofono-1.31/src/call-settings.c:811:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(sia) && !strlen(sib) & !strlen(sic) &&
data/ofono-1.31/src/call-settings.c:812:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dn) && type != SS_CONTROL_TYPE_QUERY)
data/ofono-1.31/src/call-settings.c:815:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) || strlen(sib) || strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:815:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) || strlen(sib) || strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:815:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) || strlen(sib) || strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:815:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sia) || strlen(sib) || strlen(sic) || strlen(dn)) {
data/ofono-1.31/src/call-settings.c:1274:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(prefix);
data/ofono-1.31/src/cdma-connman.c:92:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface, IFNAMSIZ - 1);
data/ofono-1.31/src/cdma-connman.c:405:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(username) > OFONO_CDMA_CONNMAN_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/cdma-connman.c:429:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(password) > OFONO_CDMA_CONNMAN_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/cdma-provision.c:36:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sid == NULL || strlen(sid) == 0)
data/ofono-1.31/src/cdma-voicecall.c:364:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tones);
data/ofono-1.31/src/common.c:241:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(number);
data/ofono-1.31/src/common.c:288:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(number);
data/ofono-1.31/src/common.c:429:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ph->type == 145 && (strlen(ph->number) > 0) &&
data/ofono-1.31/src/common.c:432:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer + 1, ph->number, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/src/common.c:435:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, ph->number, OFONO_MAX_PHONE_NUMBER_LENGTH + 1);
data/ofono-1.31/src/common.c:458:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, ph->number, OFONO_CDMA_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/src/common.c:472:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/ofono-1.31/src/common.c:543:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/ofono-1.31/src/common.c:587:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*dn) > 0 && !valid_phone_number_format(*dn))
data/ofono-1.31/src/common.c:600:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*sc) < 2 || strlen(*sc) > 3)
data/ofono-1.31/src/common.c:600:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*sc) < 2 || strlen(*sc) > 3)
data/ofono-1.31/src/common.c:603:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(*sc); i++)
data/ofono-1.31/src/common.c:720:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(apn) > OFONO_GPRS_MAX_APN_LENGTH)
data/ofono-1.31/src/emulator.c:542:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ind->name) + 15;
data/ofono-1.31/src/gprs-provision.c:57:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mcc == NULL || strlen(mcc) == 0 || mnc == NULL || strlen(mnc) == 0)
data/ofono-1.31/src/gprs-provision.c:57:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mcc == NULL || strlen(mcc) == 0 || mnc == NULL || strlen(mnc) == 0)
data/ofono-1.31/src/gprs.c:983:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(username) > OFONO_GPRS_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/gprs.c:1013:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(password) > OFONO_GPRS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/gprs.c:1099:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > MAX_CONTEXT_NAME_LENGTH)
data/ofono-1.31/src/gprs.c:1127:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(proxy) > MAX_MESSAGE_PROXY_LENGTH)
data/ofono-1.31/src/gprs.c:1156:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(center) > MAX_MESSAGE_CENTER_LENGTH)
data/ofono-1.31/src/gprs.c:1422:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctx->key = ctx->path + strlen(basepath) + 1;
data/ofono-1.31/src/gprs.c:2015:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(apn) > OFONO_GPRS_MAX_APN_LENGTH
data/ofono-1.31/src/gprs.c:2052:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pri_ctx->context.apn) == 0) {
data/ofono-1.31/src/gprs.c:2371:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ap->name && strlen(ap->name) > MAX_CONTEXT_NAME_LENGTH)
data/ofono-1.31/src/gprs.c:2378:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ap->username) > OFONO_GPRS_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/gprs.c:2382:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ap->password) > OFONO_GPRS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/gprs.c:2386:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ap->message_proxy) > MAX_MESSAGE_PROXY_LENGTH)
data/ofono-1.31/src/gprs.c:2390:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ap->message_center) > MAX_MESSAGE_CENTER_LENGTH)
data/ofono-1.31/src/gprs.c:3237:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(username) > OFONO_GPRS_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/gprs.c:3253:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(password) > OFONO_GPRS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/handsfree.c:298:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(subscriber_number->number, numbers[num].number,
data/ofono-1.31/src/log.c:131:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(program_path);
data/ofono-1.31/src/log.c:188:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(infd[0], buf, sizeof(buf) - 1);
data/ofono-1.31/src/lte.c:109:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (username && strlen(username) <= OFONO_GPRS_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/lte.c:112:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (password && strlen(password) <= OFONO_GPRS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/lte.c:288:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > OFONO_GPRS_MAX_USERNAME_LENGTH)
data/ofono-1.31/src/lte.c:297:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > OFONO_GPRS_MAX_PASSWORD_LENGTH)
data/ofono-1.31/src/main.c:68:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, &si, sizeof(si));
data/ofono-1.31/src/modem.c:1883:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type) > 16)
data/ofono-1.31/src/modem.c:1897:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type) > 16)
data/ofono-1.31/src/modem.c:1900:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name && strlen(name) > 64)
data/ofono-1.31/src/netmon.c:87:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mcc && strlen(mcc))
data/ofono-1.31/src/netmon.c:96:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mnc && strlen(mnc))
data/ofono-1.31/src/network.c:389:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (spn == NULL || strlen(spn) == 0) {
data/ofono-1.31/src/network.c:441:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opd->name, name, OFONO_MAX_OPERATOR_NAME_LENGTH);
data/ofono-1.31/src/network.c:2028:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, get_operator_display_name(netreg), 16);
data/ofono-1.31/src/phonebook.c:95:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line_number = strlen(buf) / line_delimit + 1;
data/ofono-1.31/src/phonebook.c:98:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_temp = MIN(line_delimit, strlen(buf) - line_delimit * i);
data/ofono-1.31/src/phonebook.c:148:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_slash(field, text, LEN_MAX, strlen(text));
data/ofono-1.31/src/phonebook.c:158:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (number == NULL || !strlen(number) || !type)
data/ofono-1.31/src/phonebook.c:192:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(group);
data/ofono-1.31/src/phonebook.c:206:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(email);
data/ofono-1.31/src/phonebook.c:221:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sip_uri);
data/ofono-1.31/src/phonebook.c:302:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/ofono-1.31/src/phonebook.c:318:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*str1 == NULL) && (str2 != NULL) && (strlen(str2) != 0))
data/ofono-1.31/src/phonebook.c:372:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len_text = strlen(text) - 2;
data/ofono-1.31/src/phonebook.c:378:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(person->text) == len_text))
data/ofono-1.31/src/sim-auth.c:661:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(imsi) == 16) {
data/ofono-1.31/src/sim-auth.c:698:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->path = g_new0(char, strlen(path) + 34);
data/ofono-1.31/src/sim-auth.c:713:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new->path = g_new0(char, strlen(path) + 34);
data/ofono-1.31/src/sim.c:1087:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xpm_len = strlen(xpm);
data/ofono-1.31/src/sim.c:1729:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sim->mcc, sim->imsi, OFONO_MAX_MCC_LENGTH);
data/ofono-1.31/src/sim.c:1731:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sim->mnc, sim->imsi + OFONO_MAX_MCC_LENGTH,
data/ofono-1.31/src/sim.c:1781:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(imsi + 1) % 2) != parity)
data/ofono-1.31/src/sim.c:3040:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sim->spn) == 0) {
data/ofono-1.31/src/sim.c:3519:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(pin);
data/ofono-1.31/src/simfs.c:480:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (L_TFR(read(fs->fd, op->buffer + bufoff, toread)) != toread)
data/ofono-1.31/src/simfs.c:572:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (L_TFR(read(fs->fd, buf, op->record_length)) !=
data/ofono-1.31/src/simfs.c:776:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = L_TFR(read(fd, fileinfo, SIM_CACHE_HEADER_SIZE));
data/ofono-1.31/src/simfs.c:1161:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write_file((const unsigned char *) image, strlen(image),
data/ofono-1.31/src/simfs.c:1205:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = L_TFR(read(fd, buffer, image_length));
data/ofono-1.31/src/simutil.c:1244:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int number_len = strlen(ph->number);
data/ofono-1.31/src/sms.c:364:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sms->sca.number, sca->number, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/src/sms.c:558:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) == 0 || !valid_phone_number_format(value))
data/ofono-1.31/src/smsutil.c:529:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(addr);
data/ofono-1.31/src/smsutil.c:552:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (g_utf8_strlen(addr, strlen(addr)) > 11)
data/ofono-1.31/src/smsutil.c:689:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(utf8) > 22) {
data/ofono-1.31/src/smsutil.c:1891:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(addr->address) > 0) &&
data/ofono-1.31/src/smsutil.c:2784:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(msgid_str) != 2 * SMS_MSGID_LEN)
data/ofono-1.31/src/smsutil.c:3002:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r_len = strlen(r_addr);
data/ofono-1.31/src/smsutil.c:3003:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_len = strlen(s_addr);
data/ofono-1.31/src/smsutil.c:3303:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uuid) != 2 * SMS_MSGID_LEN)
data/ofono-1.31/src/smsutil.c:4498:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/ofono-1.31/src/stkagent.c:551:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(digit) != 1 || !strspn(digit, "0123456789*#+")) {
data/ofono-1.31/src/stkagent.c:732:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/ofono-1.31/src/stkutil.c:2758:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sc_address.number) > 20) {
data/ofono-1.31/src/stkutil.c:3981:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/ofono-1.31/src/stkutil.c:4015:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/ofono-1.31/src/stkutil.c:4108:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (strlen(addr->number) + 1) / 2;
data/ofono-1.31/src/stkutil.c:4128:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(data) == 0)
data/ofono-1.31/src/stkutil.c:4274:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (strlen(addr->number) + 1) / 2;
data/ofono-1.31/src/stkutil.c:4462:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(imei) != 15)
data/ofono-1.31/src/stkutil.c:4720:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(data);
data/ofono-1.31/src/stkutil.c:5075:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(imeisv) != 16)
data/ofono-1.31/src/stkutil.c:5160:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(meid) != 16)
data/ofono-1.31/src/stkutil.c:6288:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
struct l_string *string = l_string_new(strlen(utf8) + 1);
data/ofono-1.31/src/stkutil.c:6462:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xpm = l_string_new(strlen(xpm_header) + strlen(declaration) +
data/ofono-1.31/src/stkutil.c:6462:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xpm = l_string_new(strlen(xpm_header) + strlen(declaration) +
data/ofono-1.31/src/storage.c:64:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = g_try_malloc(strlen(filename) + 1);
data/ofono-1.31/src/storage.c:68:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dir, "/");
data/ofono-1.31/src/storage.c:75:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(dir, prev + 1, next - prev);
data/ofono-1.31/src/storage.c:106:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = L_TFR(read(fd, buffer, len));
data/ofono-1.31/src/ussd.c:208:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(sc, "03") || strlen(dn))
data/ofono-1.31/src/ussd.c:589:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) == 0)
data/ofono-1.31/src/ussd.c:662:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) == 0)
data/ofono-1.31/src/util.c:3199:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(in);
data/ofono-1.31/src/voicecall.c:180:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (clip_validity == CLIP_VALIDITY_WITHHELD && !strlen(n->number))
data/ofono-1.31/src/voicecall.c:191:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cnap_validity == CNAP_VALIDITY_WITHHELD && !strlen(name))
data/ofono-1.31/src/voicecall.c:1040:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(call->name, name, OFONO_MAX_CALLER_NAME_LENGTH);
data/ofono-1.31/src/voicecall.c:1343:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clirstr) == 0 || !strcmp(clirstr, "default")) {
data/ofono-1.31/src/voicecall.c:1997:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(callpath) == 0)
data/ofono-1.31/src/voicecall.c:2194:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(in_tones);
data/ofono-1.31/src/voicecall.c:2443:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(number, req->ph.number,
data/ofono-1.31/src/voicecall.c:3585:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/ofono-1.31/src/voicecall.c:3891:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->ph.number, addr, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/src/voicecall.c:4052:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req->ph.number, addr, OFONO_MAX_PHONE_NUMBER_LENGTH);
data/ofono-1.31/tools/get-location.c:106:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ret = read(fd, buf, sizeof(buf) - 1)) >= 0) {
data/ofono-1.31/tools/get-location.c:173:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(signal_fd, &si, sizeof(si));
data/ofono-1.31/tools/huawei-audio.c:91:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rlen = read(fd, buf, sizeof(buf));
data/ofono-1.31/tools/tty-redirector.c:85:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, &si, sizeof(si));
data/ofono-1.31/tools/tty-redirector.c:152:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
written = write(fd, value, strlen(value));
data/ofono-1.31/tools/tty-redirector.c:190:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(input_fd, buf, sizeof(buf));
data/ofono-1.31/unit/rilmodem-test-engine.c:178:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, ed->sock_name, sizeof(addr.sun_path) - 1);
data/ofono-1.31/unit/rilmodem-test-server.c:184:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, RIL_SERVER_SOCK_PATH, sizeof(addr.sun_path) - 1);
data/ofono-1.31/unit/test-common.c:85:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ret == TRUE && strlen(sid))
data/ofono-1.31/unit/test-common.c:136:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sid))
data/ofono-1.31/unit/test-sms.c:170:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(simple_deliver) / 2);
data/ofono-1.31/unit/test-sms.c:236:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(alnum_sender) / 2);
data/ofono-1.31/unit/test-sms.c:300:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(simple_deliver) / 2);
data/ofono-1.31/unit/test-sms.c:327:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(alnum_sender) / 2);
data/ofono-1.31/unit/test-sms.c:355:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(unicode_deliver) / 2);
data/ofono-1.31/unit/test-sms.c:393:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(simple_submit) / 2);
data/ofono-1.31/unit/test-sms.c:403:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(strlen(sms.sc_addr.address) == 0);
data/ofono-1.31/unit/test-sms.c:451:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(simple_submit) / 2);
data/ofono-1.31/unit/test-sms.c:489:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(simple_mwi) / 2);
data/ofono-1.31/unit/test-sms.c:748:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(data->pdu) / 2);
data/ofono-1.31/unit/test-sms.c:920:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(test->pdu) / 2);
data/ofono-1.31/unit/test-sms.c:1192:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("strlen: %zd\n", strlen(test->str));
data/ofono-1.31/unit/test-sms.c:1341:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(pdu_len == strlen(cbs1) / 2);
data/ofono-1.31/unit/test-stkutil.c:134:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (test != NULL && strlen(test) > 0)
data/ofono-1.31/unit/test-stkutil.c:570:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(memcmp(html, expected_html, strlen(expected_html)) == 0);
data/ofono-1.31/unit/test-stkutil.c:22275:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(memcmp(xpm, test->xpm, strlen(test->xpm)) == 0);
data/ofono-1.31/unit/test-util.c:537:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned int)strlen(sms));
data/ofono-1.31/unit/test-util.c:614:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)strlen(hex_packed));
data/ofono-1.31/unit/test-util.c:616:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(strlen(hex_packed) == strlen(sms));
data/ofono-1.31/unit/test-util.c:616:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_assert(strlen(hex_packed) == strlen(sms));
data/ofono-1.31/unit/test-util.c:979:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
back = convert_utf8_to_gsm(utf8, strlen(utf8), &nread,
ANALYSIS SUMMARY:
Hits = 1775
Lines analyzed = 259067 in approximately 5.22 seconds (49599 lines/second)
Physical Source Lines of Code (SLOC) = 189949
Hits@level = [0] 450 [1] 438 [2] 1090 [3] 52 [4] 194 [5] 1
Hits@level+ = [0+] 2225 [1+] 1775 [2+] 1337 [3+] 247 [4+] 195 [5+] 1
Hits/KSLOC@level+ = [0+] 11.7137 [1+] 9.34461 [2+] 7.03873 [3+] 1.30035 [4+] 1.02659 [5+] 0.00526457
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.