Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/python-libtrace-1.6+git20180219/lib/include/plt.h
Examining data/python-libtrace-1.6+git20180219/lib/include/pv.h
Examining data/python-libtrace-1.6+git20180219/lib/ipp/getrusage.c
Examining data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c
Examining data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c
Examining data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c
Examining data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/icmp.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/icmp6.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/internet.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/ip.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/ip6.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/ipflow.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/layers.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/outputtrace.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/packet.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/pltmodule.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/sctp.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/trace.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/udp.c
Examining data/python-libtrace-1.6+git20180219/lib/plt/tcp.c
FINAL RESULTS:
data/python-libtrace-1.6+git20180219/lib/include/plt.h:121:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(plt_err_msg, sizeof(plt_err_msg), fmt, v1)
data/python-libtrace-1.6+git20180219/lib/include/plt.h:123:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(plt_err_msg, sizeof(plt_err_msg), fmt, v1, v2)
data/python-libtrace-1.6+git20180219/lib/include/plt.h:118:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char plt_err_msg[120]; /* For building libtrace error messages */
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char v6a[60]; /* IPprefix result (including /length) */
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:74:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10]; /* RFC 2373: IPv6 Address Architecture */
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:100:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%x", a2[0]);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:107:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, ":%x", a2[j]);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:184:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nt_addr[IP6_ADDR_LEN+1] = /* Null-filled address value */
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:226:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nt_addr, addr_s, as_sz);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:479:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, a[IP6_ADDR_LEN];
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:563:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (length >= 0) sprintf(v6a, "0/%d", length);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:588:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&v6a[len], "/%u", length);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:592:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (length < 0) sprintf(v6a, "%u.%u.%u.%u",
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:594:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(v6a, "%u.%u.%u.%u/%u",
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:599:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (length >= 0) sprintf(v6e, "/%u", length);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:721:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *endp = NULL; unsigned char addr[16];
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:852:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (dcx >= 0) memcpy(a, a2p, dcx*2);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:853:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
y = (x-dcx)*2; memcpy(a + (16-y), a2p + dcx*2, y);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char v6a[60]; /* String result from v6addr_to_s() */
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:65:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10]; /* RFC 2373: IPv6 Address Architecture */
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:91:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%x", a2[0]);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:98:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, ":%x", a2[j]);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:176:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nt_addr[IP6_ADDR_LEN+1] = /* Null-filled address value */
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:218:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nt_addr, addr_s, as_sz);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:502:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (len >= 0) sprintf(v6a, "0/%u", len);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:508:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (len < 0) sprintf(v6a, "%u.%u.%u.%u",
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:510:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(v6a, "%u.%u.%u.%u/%u",
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:515:24: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (len >= 0) sprintf(v6e, "/%u", len);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:611:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, a[IP6_ADDR_LEN];
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:735:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (dcx >= 0) memcpy(a, a2p, dcx*2);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:736:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
y = (x-dcx)*2; memcpy(a + (16-y), a2p + dcx*2, y);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:215:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ipf->fkey.addrs.v4.saddr, psrc_addr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:216:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ipf->fkey.addrs.v4.daddr, pdst_addr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:219:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ipf->fkey.addrs.v6.saddr, psrc_addr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:220:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ipf->fkey.addrs.v6.daddr, pdst_addr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:243:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
PyObject *result; char key[2+4+32];
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:246:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[2], &self->fkey.sport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:247:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[4], &self->fkey.dport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:249:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v4.saddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:250:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[10], self->fkey.addrs.v4.daddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:254:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v6.saddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:255:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[22], self->fkey.addrs.v6.daddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:264:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
PyObject *result; char key[2+4+32];
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:267:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[2], &self->fkey.dport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:268:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[4], &self->fkey.sport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:270:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v4.daddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:271:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[10], self->fkey.addrs.v4.saddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:275:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v6.daddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:276:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[22], self->fkey.addrs.v6.saddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:347:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
PyObject *result; char key[2+4+32];
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:352:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[2], &self->fkey.sport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:353:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[4], &self->fkey.dport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:356:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[2], &self->fkey.dport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:357:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[4], &self->fkey.sport, 2);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:361:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v4.saddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:362:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[10], self->fkey.addrs.v4.daddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:365:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v4.daddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:366:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[10], self->fkey.addrs.v4.saddr, 4);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:372:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v6.saddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:373:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[22], self->fkey.addrs.v6.daddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:376:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[6], self->fkey.addrs.v6.daddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:377:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key[22], self->fkey.addrs.v6.saddr, 16);
data/python-libtrace-1.6+git20180219/lib/natkit/natkit.c:553:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, caddr, ver == 4 ? 4 : 16);
data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c:163:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[sx], sa[j], len); sx += len;
data/python-libtrace-1.6+git20180219/lib/plt/internet.c:214:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(((libtrace_ip6_t *)lip)->ip_src.s6_addr, ap, 16);
data/python-libtrace-1.6+git20180219/lib/plt/internet.c:254:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(((libtrace_ip6_t *)lip)->ip_src.s6_addr, ap, 16);
data/python-libtrace-1.6+git20180219/lib/plt/packet.c:96:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp, vp, vsize);
data/python-libtrace-1.6+git20180219/lib/plt/pltmodule.c:31:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plt_err_msg[120];
data/python-libtrace-1.6+git20180219/lib/plt/pltmodule.c:151:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[50];
data/python-libtrace-1.6+git20180219/lib/plt/trace.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[60];
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:564:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
else sprintf(v6a, "0");
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:581:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&cp[2], &cp[1], &v6a[strlen(v6a)] - cp);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:587:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(v6a);
data/python-libtrace-1.6+git20180219/lib/ipp/ippmodule.c:769:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(str);
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:503:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
else sprintf(v6a, "0");
data/python-libtrace-1.6+git20180219/lib/ipp/new-ippmodule.c:651:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(str);
data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c:152:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s); /* ldns_rdf_size() gives 'raw' size */
data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c:154:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += strlen(sa[j])+1; /* Include trailing blank */
data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c:162:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sa[j]);
data/python-libtrace-1.6+git20180219/lib/pldns/pldns.c:180:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long len = strlen(rrs);
ANALYSIS SUMMARY:
Hits = 80
Lines analyzed = 8845 in approximately 0.30 seconds (29459 lines/second)
Physical Source Lines of Code (SLOC) = 7460
Hits@level = [0] 35 [1] 10 [2] 68 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 115 [1+] 80 [2+] 70 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 15.4155 [1+] 10.7239 [2+] 9.38338 [3+] 0.268097 [4+] 0.268097 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.