Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/psad-2.4.3/psad.h
Examining data/psad-2.4.3/strlcpy.c
Examining data/psad-2.4.3/psad_funcs.c
Examining data/psad-2.4.3/psadwatchd.c
Examining data/psad-2.4.3/kmsgsd.c
Examining data/psad-2.4.3/strlcat.c

FINAL RESULTS:

data/psad-2.4.3/psad_funcs.c:330:9: [4] (shell) execle:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execle(shCmd, shCmd, "-c", mail_line, (char *)NULL, (char *)NULL); /* don't use env */
data/psad-2.4.3/kmsgsd.c:103:22: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((cmdlopt = getopt(argc, argv, "c:O:Dh")) != -1) {
data/psad-2.4.3/psadwatchd.c:116:22: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((cmdlopt = getopt(argc, argv, "c:O:Dh")) != -1) {
data/psad-2.4.3/kmsgsd.c:47:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *fw_msg_search[MAX_GEN_LEN];
data/psad-2.4.3/kmsgsd.c:48:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psadfifo_file[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:49:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fwdata_file[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:50:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fw_search_file[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:51:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char snort_sid_str[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:52:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char install_root[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:53:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_dir[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:54:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_fifo_dir[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:55:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_run_dir[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:56:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kmsgsd_pid_file[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:82:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *overwrite_files[MAX_OVW_FILES+1];
data/psad-2.4.3/kmsgsd.c:83:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char overwrite_cmd[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:84:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_file[MAX_PATH_LEN];
data/psad-2.4.3/kmsgsd.c:85:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_LINE_BUF];
data/psad-2.4.3/kmsgsd.c:155:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fifo_fd = open(psadfifo_file, O_RDWR)) < 0) {
data/psad-2.4.3/kmsgsd.c:163:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fwdata_fd = open(fwdata_file,
data/psad-2.4.3/kmsgsd.c:204:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fifo_fd = open(psadfifo_file, O_RDWR)) < 0) {
data/psad-2.4.3/kmsgsd.c:210:30: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fwdata_fd = open(fwdata_file, O_CREAT|O_WRONLY|O_APPEND,
data/psad-2.4.3/kmsgsd.c:278:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_buf[MAX_LINE_BUF];
data/psad-2.4.3/kmsgsd.c:279:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp_fw_search_buf[MAX_GEN_LEN], *index;
data/psad-2.4.3/kmsgsd.c:292:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((config_ptr = fopen(file, "r")) == NULL) {
data/psad-2.4.3/kmsgsd.c:339:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sub_var[MAX_GEN_LEN] = "";
data/psad-2.4.3/kmsgsd.c:340:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pre_str[MAX_GEN_LEN] = "";
data/psad-2.4.3/kmsgsd.c:341:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char post_str[MAX_GEN_LEN] = "";
data/psad-2.4.3/psad_funcs.c:46:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pid_line[MAX_PID_SIZE+1];
data/psad-2.4.3/psad_funcs.c:53:24: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((pidfile_ptr = fopen(pid_file, "r")) == NULL) {
data/psad-2.4.3/psad_funcs.c:66:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi(pid_line);
data/psad-2.4.3/psad_funcs.c:91:24: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((pidfile_ptr = fopen(pid_file, "w")) == NULL) {
data/psad-2.4.3/psad_funcs.c:318:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mail_line[MAX_MSG_LEN] = "";
data/psad-2.4.3/psadwatchd.c:48:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:49:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mail_addrs[MAX_EMAIL_LEN];
data/psad-2.4.3/psadwatchd.c:50:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char shCmd[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:51:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mailCmd[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:52:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alerting_methods[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:53:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psadCmd[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:54:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char install_root[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:55:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_pid_file[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:56:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_cmdline_file[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:57:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psad_run_dir[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:58:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kmsgsdCmd[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:59:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char kmsgsd_pid_file[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:60:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char psadwatchd_pid_file[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:61:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data_input_mode[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:62:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char enable_syslog_file[MAX_GEN_LEN];
data/psad-2.4.3/psadwatchd.c:63:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char char_psadwatchd_check_interval[MAX_NUM_LEN];
data/psad-2.4.3/psadwatchd.c:64:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char char_psadwatchd_max_retries[MAX_NUM_LEN];
data/psad-2.4.3/psadwatchd.c:103:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *overwrite_files[MAX_OVW_FILES+1];
data/psad-2.4.3/psadwatchd.c:104:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char overwrite_cmd[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:105:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_file[MAX_PATH_LEN];
data/psad-2.4.3/psadwatchd.c:211:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mail_str[MAX_MSG_LEN] = "";
data/psad-2.4.3/psadwatchd.c:212:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char syslog_str[MAX_MSG_LEN] = "";
data/psad-2.4.3/psadwatchd.c:213:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pid_line[MAX_PID_SIZE];
data/psad-2.4.3/psadwatchd.c:215:24: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((pidfile_ptr = fopen(pid_file, "r")) == NULL) {
data/psad-2.4.3/psadwatchd.c:254:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi(pid_line);
data/psad-2.4.3/psadwatchd.c:340:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mail_str[MAX_MSG_LEN] = "";
data/psad-2.4.3/psadwatchd.c:362:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *prog_argv[MAX_ARG_LEN];
data/psad-2.4.3/psadwatchd.c:363:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdline_buf[MAX_LINE_BUF];
data/psad-2.4.3/psadwatchd.c:375:28: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((cmdline_ptr = fopen(cmdlinefile, "r")) == NULL) {
data/psad-2.4.3/psadwatchd.c:439:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char config_buf[MAX_LINE_BUF];
data/psad-2.4.3/psadwatchd.c:447:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((config_ptr = fopen(file, "r")) == NULL) {
data/psad-2.4.3/psadwatchd.c:491:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmp = atoi(char_psadwatchd_check_interval);
data/psad-2.4.3/psadwatchd.c:495:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmp = atoi(char_psadwatchd_max_retries);
data/psad-2.4.3/psadwatchd.c:504:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sub_var[MAX_GEN_LEN] = "";
data/psad-2.4.3/psadwatchd.c:505:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pre_str[MAX_GEN_LEN] = "";
data/psad-2.4.3/psadwatchd.c:506:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char post_str[MAX_GEN_LEN] = "";
data/psad-2.4.3/kmsgsd.c:173:24: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((numbytes = read(fifo_fd, buf, MAX_LINE_BUF-1)) >= 0) {
data/psad-2.4.3/kmsgsd.c:321:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = (char *) safe_malloc(strlen(tmp_fw_search_buf)+1);
data/psad-2.4.3/kmsgsd.c:323:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_fw_search_buf, strlen(tmp_fw_search_buf)+1);
data/psad-2.4.3/kmsgsd.c:480:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = (char *) safe_malloc(strlen("DROP")+1);
data/psad-2.4.3/kmsgsd.c:481:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(fw_msg_search[0], "DROP", strlen("DROP")+1);
data/psad-2.4.3/psad_funcs.c:124:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i < strlen(search_str); i++)
data/psad-2.4.3/psad_funcs.c:167:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(charvar, index_tmp, char_ctr);
data/psad-2.4.3/psad_funcs.c:195:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i < strlen(value); i++) {
data/psad-2.4.3/psad_funcs.c:248:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sub_var) + strlen(pre_str) + strlen(post_str)
data/psad-2.4.3/psad_funcs.c:248:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sub_var) + strlen(pre_str) + strlen(post_str)
data/psad-2.4.3/psad_funcs.c:248:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(sub_var) + strlen(pre_str) + strlen(post_str)
data/psad-2.4.3/psad_funcs.c:256:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && (strlen(sub_var) == 1)
data/psad-2.4.3/psad_funcs.c:305:5: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0);
data/psad-2.4.3/psadwatchd.c:250:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (pid_line[strlen(pid_line)] == '\n')
data/psad-2.4.3/psadwatchd.c:251:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pid_line[strlen(pid_line)] = '\0';
data/psad-2.4.3/psadwatchd.c:368:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  prog_argv[arg_num] = (char *) safe_malloc(strlen(binary)+1);
data/psad-2.4.3/psadwatchd.c:370:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(prog_argv[arg_num], binary, strlen(binary)+1);
data/psad-2.4.3/strlcat.c:59:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(dlen + strlen(s));

ANALYSIS SUMMARY:

Hits = 86
Lines analyzed = 1964 in approximately 0.08 seconds (24076 lines/second)
Physical Source Lines of Code (SLOC) = 1322
Hits@level = [0] 108 [1] 18 [2] 65 [3] 2 [4] 1 [5] 0
Hits@level+ = [0+] 194 [1+] 86 [2+] 68 [3+] 3 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 146.747 [1+] 65.053 [2+] 51.4372 [3+] 2.26929 [4+] 0.75643 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.