Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pen-0.34.1/pen_kqueue.h
Examining data/pen-0.34.1/poll.c
Examining data/pen-0.34.1/idlers.c
Examining data/pen-0.34.1/pen_epoll.h
Examining data/pen-0.34.1/ssl.c
Examining data/pen-0.34.1/acl.c
Examining data/pen-0.34.1/dsr.h
Examining data/pen-0.34.1/penctl.c
Examining data/pen-0.34.1/netconv.h
Examining data/pen-0.34.1/diag.h
Examining data/pen-0.34.1/client.h
Examining data/pen-0.34.1/conn.h
Examining data/pen-0.34.1/diag.c
Examining data/pen-0.34.1/event.h
Examining data/pen-0.34.1/settings.c
Examining data/pen-0.34.1/pen_select.h
Examining data/pen-0.34.1/memory.h
Examining data/pen-0.34.1/mergelogs.c
Examining data/pen-0.34.1/client.c
Examining data/pen-0.34.1/dsr.c
Examining data/pen-0.34.1/pen.c
Examining data/pen-0.34.1/memory.c
Examining data/pen-0.34.1/windows.h
Examining data/pen-0.34.1/acl.h
Examining data/pen-0.34.1/conn.c
Examining data/pen-0.34.1/select.c
Examining data/pen-0.34.1/penlog.c
Examining data/pen-0.34.1/server.h
Examining data/pen-0.34.1/event.c
Examining data/pen-0.34.1/dlist.c
Examining data/pen-0.34.1/windows.c
Examining data/pen-0.34.1/dlist.h
Examining data/pen-0.34.1/penlogd.c
Examining data/pen-0.34.1/epoll.c
Examining data/pen-0.34.1/kqueue.c
Examining data/pen-0.34.1/settings.h
Examining data/pen-0.34.1/pen.h
Examining data/pen-0.34.1/idlers.h
Examining data/pen-0.34.1/pen_poll.h
Examining data/pen-0.34.1/server.c
Examining data/pen-0.34.1/ssl.h
Examining data/pen-0.34.1/netconv.c

FINAL RESULTS:

data/pen-0.34.1/diag.c:22:13: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
static void syslog(int priority, const char *format, ...)

data/pen-0.34.1/diag.c:27:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134).
Use a constant for the format specification.
vfprintf(syslogfp, format, ap);

data/pen-0.34.1/diag.c:46:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
vsnprintf(b, sizeof b, fmt, ap);

data/pen-0.34.1/diag.c:65:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
vsnprintf(b, sizeof b, fmt, ap);

data/pen-0.34.1/mergelogs.c:136:2: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
sscanf(p, "%[^/]/%[^/]/%[^:]:%[^:]:%[^:]:%s %s",

data/pen-0.34.1/mergelogs.c:250:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
if (sscanf(b, "%s %ld %s %[^\n]", from, &when, to, uri) != 4) {

data/pen-0.34.1/mergelogs.c:289:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
if (sscanf(b, "%s %ld %s %[^\n]", from, &when, to, uri) != 4) {

data/pen-0.34.1/pen.c:1658:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
vsnprintf(b, sizeof b, fmt, ap);

data/pen-0.34.1/pen.c:1671:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
vfprintf(fp, fmt, ap);

data/pen-0.34.1/penctl.c:54:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
vsnprintf(b, sizeof b, fmt, ap);

data/pen-0.34.1/server.c:88:6: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
n = sscanf(s, format, address, pno,

data/pen-0.34.1/mergelogs.c:79:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
while ((c = getopt(argc, argv, "p:a:j:t:cd")) != -1) {

data/pen-0.34.1/pen.c:2311:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
while ((c = getopt(argc, argv, opt)) != -1) {

data/pen-0.34.1/pen.c:2561:7: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
if (chroot(jail) == -1) error("Can't chroot(%s)", jail);

data/pen-0.34.1/penlogd.c:193:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
while ((c = getopt(argc, argv, "j:l:n:p:u:dfb")) != -1) {

data/pen-0.34.1/penlogd.c:256:7: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
if (chroot(jail) == -1) error("Can't chroot(%s)", jail);

data/pen-0.34.1/acl.c:29:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char mask_ipv6[129][16];

data/pen-0.34.1/acl.c:33:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char m6[16];

data/pen-0.34.1/acl.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(acls[a][i].ace.ipv6.ip.s6_addr, ipaddr, 16);

data/pen-0.34.1/acl.c:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ip_str[INET6_ADDRSTRLEN];

data/pen-0.34.1/acl.c:269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&ip, &acls[i][j].ace.ipv4.ip, 4);

data/pen-0.34.1/acl.c:271:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&ip, &acls[i][j].ace.ipv4.mask, 4);

data/pen-0.34.1/acl.h:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char country[2];

data/pen-0.34.1/diag.c:19:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
syslogfp = fopen("syslog.txt", "a");

data/pen-0.34.1/diag.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char nowstr[80];

data/pen-0.34.1/diag.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[4096];

data/pen-0.34.1/diag.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[4096];

data/pen-0.34.1/dsr.c:30:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char p[100];

data/pen-0.34.1/dsr.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(our_hw_addr, ifr.ifr_hwaddr.sa_data, 6);

data/pen-0.34.1/dsr.c:233:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(our_hw_addr, dl->sdl_data+dl->sdl_nlen, 6);

data/pen-0.34.1/dsr.c:235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ifname[100];

data/pen-0.34.1/dsr.c:263:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(buf, b, n);

data/pen-0.34.1/dsr.c:289:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (dsr_port) port = atoi(dsr_port);

data/pen-0.34.1/dsr.c:304:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_SRC(buf), our_hw_addr, 6);

data/pen-0.34.1/dsr.c:311:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_SHA(buf), our_hw_addr, 6);

data/pen-0.34.1/dsr.c:314:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_TPA(buf), a, 4);

data/pen-0.34.1/dsr.c:331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(servers[server].hwaddr, hw, 6);

data/pen-0.34.1/dsr.c:351:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&dest.sin_addr.s_addr, ARP_TPA(buf), 4);

data/pen-0.34.1/dsr.c:371:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_DST(buf), ARP_SHA(buf), 6);

data/pen-0.34.1/dsr.c:372:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_SRC(buf), our_hw_addr, 6);

data/pen-0.34.1/dsr.c:374:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_THA(buf), ARP_SHA(buf), 6);

data/pen-0.34.1/dsr.c:375:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_TPA(buf), ARP_SPA(buf), 4);

data/pen-0.34.1/dsr.c:376:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_SHA(buf), our_hw_addr, 6);

data/pen-0.34.1/dsr.c:378:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ARP_SPA(buf), &dest.sin_addr.s_addr, 4);

data/pen-0.34.1/dsr.c:519:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_DST(buf), servers[server].hwaddr, 6);

data/pen-0.34.1/dsr.c:520:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_SRC(buf), our_hw_addr, 6);

data/pen-0.34.1/dsr.c:531:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char src_mac[6];

data/pen-0.34.1/dsr.c:540:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&ph.src, IPV4_DST(buf), 4);

data/pen-0.34.1/dsr.c:541:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&ph.dst, IPV4_SRC(buf), 4);

data/pen-0.34.1/dsr.c:549:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(src_mac, MAC_SRC(buf), 6);

data/pen-0.34.1/dsr.c:550:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_SRC(buf), MAC_DST(buf), 6);

data/pen-0.34.1/dsr.c:551:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_DST(buf), src_mac, 6);

data/pen-0.34.1/dsr.c:606:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_DST(buf), servers[server].hwaddr, 6);

data/pen-0.34.1/dsr.c:607:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(MAC_SRC(buf), our_hw_addr, 6);

data/pen-0.34.1/memory.c:30:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(b, p, len);

data/pen-0.34.1/mergelogs.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cli[1024]; /* client address */

data/pen-0.34.1/mergelogs.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char tim[1024]; /* time string */

data/pen-0.34.1/mergelogs.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char uri[1024]; /* uri */

data/pen-0.34.1/mergelogs.c:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b1[1024], b2[1024], b3[1024]; /* misc text */

data/pen-0.34.1/mergelogs.c:85:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
jitter = atoi(optarg);

data/pen-0.34.1/mergelogs.c:88:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tz = atoi(optarg);

data/pen-0.34.1/mergelogs.c:131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dd[100], mm[100], yy[100];

data/pen-0.34.1/mergelogs.c:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char hh[100], mi[100], ss[100], tz[100];

data/pen-0.34.1/mergelogs.c:138:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tms->tm_sec = atoi(ss);

data/pen-0.34.1/mergelogs.c:139:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tms->tm_min = atoi(mi);

data/pen-0.34.1/mergelogs.c:140:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tms->tm_hour = atoi(hh);

data/pen-0.34.1/mergelogs.c:141:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tms->tm_mday = atoi(dd);

data/pen-0.34.1/mergelogs.c:143:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
tms->tm_year = atoi(yy)-1900;

data/pen-0.34.1/mergelogs.c:146:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int d = 60*atoi(tz+3);

data/pen-0.34.1/mergelogs.c:148:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
d += 3600*atoi(tz+1);

data/pen-0.34.1/mergelogs.c:157:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[1024];

data/pen-0.34.1/mergelogs.c:216:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[1024], from[1024], to[1024], uri[1024];

data/pen-0.34.1/mergelogs.c:283:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[1024], from[1024], to[1024], uri[1024];

data/pen-0.34.1/mergelogs.c:323:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
pfp = fopen(pfile, "r");

data/pen-0.34.1/mergelogs.c:334:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
servers[s].fp = fopen(servers[s].fn, "r");

data/pen-0.34.1/mergelogs.c:351:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cli[1024], tim[1024];

data/pen-0.34.1/netconv.c:26:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
return atoi(p);

data/pen-0.34.1/netconv.c:83:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char b[1024];

data/pen-0.34.1/pen.c:105:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char listenport[1000];

data/pen-0.34.1/pen.c:234:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char nowstr[80];

data/pen-0.34.1/pen.c:240:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fp = fopen(webfile, "w");

data/pen-0.34.1/pen.c:371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char nowstr[80];

data/pen-0.34.1/pen.c:471:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[1024];

data/pen-0.34.1/pen.c:515:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char p[BUFFER_MAX];

data/pen-0.34.1/pen.c:624:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char msg[1024];

data/pen-0.34.1/pen.c:633:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(conns[conn].downb, msg, conns[conn].downn);

data/pen-0.34.1/pen.c:644:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char b[BUFFER_MAX];

data/pen-0.34.1/pen.c:730:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(conns[i].upb, b+n, rc-n);

data/pen-0.34.1/pen.c:758:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char b[BUFFER_MAX];

data/pen-0.34.1/pen.c:827:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conns[i].downb, b+n, rc-n);

data/pen-0.34.1/pen.c:920:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
int devnull_fd = open("/dev/null", O_RDWR);

data/pen-0.34.1/pen.c:1028:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&logserver.sin_addr.s_addr,

data/pen-0.34.1/pen.c:1030:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
logserver.sin_port = htons(atoi(p));

data/pen-0.34.1/pen.c:1033:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
logfp = fopen(logfile, "a");

data/pen-0.34.1/pen.c:1067:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[1024], *p;

data/pen-0.34.1/pen.c:1127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char nowstr[80];

data/pen-0.34.1/pen.c:1128:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
FILE *fp = fopen(p, "w");

data/pen-0.34.1/pen.c:1223:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int a = atoi(no);

data/pen-0.34.1/pen.c:1239:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char ipaddr[INET6_ADDRSTRLEN];

data/pen-0.34.1/pen.c:1257:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ipaddr, &si6->sin6_addr, sizeof ipaddr);

data/pen-0.34.1/pen.c:1258:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
add_acl_ipv6(a, ipaddr, atoi(ma), permit);

data/pen-0.34.1/pen.c:1278:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (p) blacklist_time = atoi(p);

data/pen-0.34.1/pen.c:1282:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (p) client_acl = atoi(p);

data/pen-0.34.1/pen.c:1288:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (p) expand_clienttable(atoi(p));

data/pen-0.34.1/pen.c:1292:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int conn = p ? atoi(p) : 0;

data/pen-0.34.1/pen.c:1301:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int conn = p ? atoi(p) : 0;

data/pen-0.34.1/pen.c:1315:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (p) expand_conntable(atoi(p));

data/pen-0.34.1/pen.c:1321:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) control_acl = atoi(p); data/pen-0.34.1/pen.c:1327:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) debuglevel = atoi(p); data/pen-0.34.1/pen.c:1357:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) idle_timeout = atoi(p); data/pen-0.34.1/pen.c:1362:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) idlers_wanted = atoi(p); data/pen-0.34.1/pen.c:1414:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). a = atoi(p); data/pen-0.34.1/pen.c:1451:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (p) pending_max = atoi(p); data/pen-0.34.1/pen.c:1462:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) when -= atoi(p); data/pen-0.34.1/pen.c:1478:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(p); data/pen-0.34.1/pen.c:1483:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].acl = atoi(q); data/pen-0.34.1/pen.c:1494:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pen_setport(&servers[n].addr, atoi(q)); data/pen-0.34.1/pen.c:1496:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].maxc = atoi(q); data/pen-0.34.1/pen.c:1498:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].hard = atoi(q); data/pen-0.34.1/pen.c:1500:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].status = now+atoi(q)-blacklist_time; data/pen-0.34.1/pen.c:1502:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].weight = atoi(q); data/pen-0.34.1/pen.c:1504:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servers[n].prio = atoi(q); data/pen-0.34.1/pen.c:1518:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int fd = p ? atoi(p) : 0; data/pen-0.34.1/pen.c:1532:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(webfile, "r"); data/pen-0.34.1/pen.c:1554:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ssl_client_renegotiation_interval = atoi(p); data/pen-0.34.1/pen.c:1610:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) tarpit_acl = atoi(p); data/pen-0.34.1/pen.c:1618:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) timeout = atoi(p); data/pen-0.34.1/pen.c:1622:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (p) tracking_time = atoi(p); data/pen-0.34.1/pen.c:1655:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[4096]; data/pen-0.34.1/pen.c:1677:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[4096]; data/pen-0.34.1/pen.c:1695:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[4096]; data/pen-0.34.1/pen.c:1701:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(cf, "r"); data/pen-0.34.1/pen.c:1715:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char b[BUFFER_MAX]; data/pen-0.34.1/pen.c:1975:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfp = fopen(logfile, "a"); data/pen-0.34.1/pen.c:2303:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[1024]; data/pen-0.34.1/pen.c:2344:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tracking_time = atoi(optarg); data/pen-0.34.1/pen.c:2359:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). blacklist_time = atoi(optarg); data/pen-0.34.1/pen.c:2362:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expand_clienttable(atoi(optarg)); data/pen-0.34.1/pen.c:2390:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). multi_accept = atoi(optarg); data/pen-0.34.1/pen.c:2408:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). listen_queue = atoi(optarg); data/pen-0.34.1/pen.c:2421:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
timeout = atoi(optarg); data/pen-0.34.1/pen.c:2435:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expand_conntable(atoi(optarg)); data/pen-0.34.1/pen.c:2575:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfp = fopen(pidfile, "w"); data/pen-0.34.1/pen.c:2586:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfgdir[1024], *p, dirsep = '\\'; data/pen-0.34.1/penctl.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[4096]; data/pen-0.34.1/penctl.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[1024], *p; data/pen-0.34.1/penlog.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAXBUF]; data/pen-0.34.1/penlogd.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client[100]; data/pen-0.34.1/penlogd.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request[100]; data/pen-0.34.1/penlogd.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request[1024]; data/pen-0.34.1/penlogd.c:92:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(request, p, q-p); data/pen-0.34.1/penlogd.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char client[100], server[100], request[100]; data/pen-0.34.1/penlogd.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&penlog[pen_n].addr, hp->h_addr, hp->h_length); data/pen-0.34.1/penlogd.c:211:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pen_max = atoi(optarg); data/pen-0.34.1/penlogd.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[1024]; data/pen-0.34.1/penlogd.c:239:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (argc < 1 || (p = atoi(argv[0])) == 0) { data/pen-0.34.1/penlogd.c:264:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfp = fopen(logfile, "a"); data/pen-0.34.1/penlogd.c:272:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *pidfp = fopen(pidfile, "w"); data/pen-0.34.1/penlogd.c:317:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfp = fopen(logfile, "a"); data/pen-0.34.1/select.c:62:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&w_r_copy, &w_read, sizeof w_read); data/pen-0.34.1/select.c:63:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&w_w_copy, &w_write, sizeof w_write); data/pen-0.34.1/server.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[1024], pno[100]; data/pen-0.34.1/ssl.c:35:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ocsp_resp_data[OCSP_RESP_MAX]; data/pen-0.34.1/ssl.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/pen-0.34.1/ssl.c:154:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ocsp_resp_data[OCSP_RESP_MAX]; data/pen-0.34.1/ssl.c:170:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keyfile[1024], certfile[1024], cacert_file[1024]; data/pen-0.34.1/ssl.c:187:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int f = open(fn, O_RDONLY); data/pen-0.34.1/ssl.c:216:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ocsp_file[1024]; data/pen-0.34.1/ssl.c:247:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ocsp_resp_copy, data, len); data/pen-0.34.1/ssl.h:25:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern unsigned char ocsp_resp_data[OCSP_RESP_MAX]; data/pen-0.34.1/windows.c:105:6: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR szPath[MAX_PATH]; data/pen-0.34.1/acl.c:100:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(acls[a][i].ace.geo.country, country, 2); data/pen-0.34.1/dsr.c:163:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(ifr.ifr_name, dsr_if, IFNAMSIZ-1); data/pen-0.34.1/memory.c:28:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(p); data/pen-0.34.1/mergelogs.c:145:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (t != -1 && strlen(tz) == 5) { data/pen-0.34.1/netconv.c:99:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(b, "(cannot convert address)", sizeof b); data/pen-0.34.1/pen.c:219:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int n = strlen(needle); data/pen-0.34.1/pen.c:473:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(b, "+ ", sizeof b); data/pen-0.34.1/pen.c:475:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(b+k, pen_ntoa(&clients[conns[i].client].addr), (sizeof b)-k); data/pen-0.34.1/pen.c:476:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k += strlen(b+k); data/pen-0.34.1/pen.c:478:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(b+k, pen_ntoa(&servers[conns[i].server].addr), (sizeof b)-k); data/pen-0.34.1/pen.c:479:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k += strlen(b+k); data/pen-0.34.1/pen.c:545:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pl=strlen(p); data/pen-0.34.1/pen.c:561:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pl=strlen(p); data/pen-0.34.1/pen.c:630:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(DUMMY_MSG), DUMMY_MSG); data/pen-0.34.1/pen.c:631:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). conns[conn].downn = strlen(msg); data/pen-0.34.1/pen.c:1086:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(b, a, p-a); data/pen-0.34.1/pen.c:1090:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(b, "0.0.0.0", sizeof b); data/pen-0.34.1/pen.c:1659:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n = send(*fp, b, strlen(b), 0); data/pen-0.34.1/penctl.c:128:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = 1+strlen(argv[1]); /* one for \0 */ data/pen-0.34.1/penctl.c:153:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = write(fd, b, strlen(b)); data/pen-0.34.1/penctl.c:156:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = read(fd, b, sizeof b); data/pen-0.34.1/penlog.c:72:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = sendto(sk, buf, strlen(buf), 0, data/pen-0.34.1/penlogd.c:151:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(penlog[pen_n].client, client, 100); data/pen-0.34.1/penlogd.c:152:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(penlog[pen_n].request, request, 100); data/pen-0.34.1/ssl.c:193:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(f, data, OCSP_RESP_MAX);

ANALYSIS SUMMARY:

Hits = 196
Lines analyzed = 7360 in approximately 0.23 seconds (32105 lines/second)
Physical Source Lines of Code (SLOC) = 6364
Hits@level = [0] 132 [1] 25 [2] 155 [3] 5 [4] 11 [5] 0
Hits@level+ = [0+] 328 [1+] 196 [2+] 171 [3+] 16 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 51.5399 [1+] 30.7982 [2+] 26.8699 [3+] 2.51414 [4+] 1.72847 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.