Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/rbldnsd-0.999~20180516/btrie.c Examining data/rbldnsd-0.999~20180516/btrie.h Examining data/rbldnsd-0.999~20180516/dns.h Examining data/rbldnsd-0.999~20180516/dns_dnequ.c Examining data/rbldnsd-0.999~20180516/dns_dnlabels.c Examining data/rbldnsd-0.999~20180516/dns_dnlen.c Examining data/rbldnsd-0.999~20180516/dns_dnreverse.c Examining data/rbldnsd-0.999~20180516/dns_dntol.c Examining data/rbldnsd-0.999~20180516/dns_dntop.c Examining data/rbldnsd-0.999~20180516/dns_findname.c Examining data/rbldnsd-0.999~20180516/dns_ptodn.c Examining data/rbldnsd-0.999~20180516/hooks.c Examining data/rbldnsd-0.999~20180516/ip4addr.h Examining data/rbldnsd-0.999~20180516/ip4atos.c Examining data/rbldnsd-0.999~20180516/ip4mask.c Examining data/rbldnsd-0.999~20180516/ip4parse.c Examining data/rbldnsd-0.999~20180516/ip6addr.c Examining data/rbldnsd-0.999~20180516/ip6addr.h Examining data/rbldnsd-0.999~20180516/istream.c Examining data/rbldnsd-0.999~20180516/istream.h Examining data/rbldnsd-0.999~20180516/mempool.c Examining data/rbldnsd-0.999~20180516/mempool.h Examining data/rbldnsd-0.999~20180516/qsort.c Examining data/rbldnsd-0.999~20180516/rbldnsd.h Examining data/rbldnsd-0.999~20180516/rbldnsd_acl.c Examining data/rbldnsd-0.999~20180516/rbldnsd_combined.c Examining data/rbldnsd-0.999~20180516/rbldnsd_dnset.c Examining data/rbldnsd-0.999~20180516/rbldnsd_generic.c Examining data/rbldnsd-0.999~20180516/rbldnsd_ip4set.c Examining data/rbldnsd-0.999~20180516/rbldnsd_ip4trie.c Examining data/rbldnsd-0.999~20180516/rbldnsd_ip4tset.c Examining data/rbldnsd-0.999~20180516/rbldnsd_ip6trie.c Examining data/rbldnsd-0.999~20180516/rbldnsd_ip6tset.c Examining data/rbldnsd-0.999~20180516/rbldnsd_packet.c Examining data/rbldnsd-0.999~20180516/rbldnsd_util.c Examining data/rbldnsd-0.999~20180516/rbldnsd_zones.c Examining data/rbldnsd-0.999~20180516/rbldnsd.c FINAL RESULTS: data/rbldnsd-0.999~20180516/btrie.c:1546:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, sizeof(buf), data/rbldnsd-0.999~20180516/rbldnsd.c:94:5: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. syslog(LOG_ERR, strchr(fmt, '%') ? "%s" : fmt, fmt); data/rbldnsd-0.999~20180516/rbldnsd.c:692:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(chroot_socket, rootdir); data/rbldnsd-0.999~20180516/rbldnsd.c:930:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(f, " %s" C C C C C, data/rbldnsd-0.999~20180516/rbldnsd.h:17:53: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define PRINTFLIKE(fmtp, ap) __attribute__((format(printf,fmtp,ap))) data/rbldnsd-0.999~20180516/rbldnsd_packet.c:992:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cp, inet_ntoa(((struct sockaddr_in*)pkt->p_peer)->sin_addr)); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:997:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cp += sprintf(cp, " %s %s: %s/%u/%d\n", data/rbldnsd-0.999~20180516/rbldnsd_util.c:306:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(name, fmt[idx], a&255, (a>>8)&255, (a>>16)&255, (a>>24)); data/rbldnsd-0.999~20180516/rbldnsd_util.c:506:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int r = vsnprintf(buf, bufsz, fmt, ap); data/rbldnsd-0.999~20180516/rbldnsd_util.c:553:5: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. syslog(level, strchr(fmt, '%') ? "%s" : fmt, fmt); data/rbldnsd-0.999~20180516/rbldnsd.c:538:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((c = getopt(argc, argv, "u:r:b:w:t:c:p:nel:qs:h46dvaAfF:Cx:X:")) != EOF) data/rbldnsd-0.999~20180516/rbldnsd.c:646:43: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (rootdir && (chdir(rootdir) < 0 || chroot(rootdir) < 0)) data/rbldnsd-0.999~20180516/rbldnsd.c:681:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("NOTIFY_SOCKET")) { data/rbldnsd-0.999~20180516/rbldnsd.c:708:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (mount(getenv("NOTIFY_SOCKET"), chroot_socket, NULL, MS_BIND, NULL) != 0) data/rbldnsd-0.999~20180516/rbldnsd.c:800:41: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (rootdir && (chdir(rootdir) < 0 || chroot(rootdir) < 0)) data/rbldnsd-0.999~20180516/btrie.c:769:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_beg, old_data_beg, di * sizeof(data_beg[0])); data/rbldnsd-0.999~20180516/btrie.c:770:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data_beg[di + 1], &old_data_beg[di], data/rbldnsd-0.999~20180516/btrie.c:837:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data_beg, old_data_beg, data/rbldnsd-0.999~20180516/btrie.c:839:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&node->ptr.children[ci + 1], &old_children[ci], data/rbldnsd-0.999~20180516/btrie.c:924:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->prefix, prefix + lc_shift(pos), LC_BYTES_PER_NODE); data/rbldnsd-0.999~20180516/btrie.c:932:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->prefix, prefix + lc_shift(pos), nbytes - lc_shift(pos)); data/rbldnsd-0.999~20180516/btrie.c:954:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->prefix + shift, child->prefix, data/rbldnsd-0.999~20180516/btrie.c:965:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->prefix + shift, child->prefix, LC_BYTES_PER_NODE - shift); data/rbldnsd-0.999~20180516/btrie.c:1255:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->ptr.data_end - (int)ndata, data, ndata * sizeof(data[0])); data/rbldnsd-0.999~20180516/btrie.c:1256:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->ptr.children, children, nchildren * sizeof(children[0])); data/rbldnsd-0.999~20180516/btrie.c:1511:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[128]; data/rbldnsd-0.999~20180516/btrie.c:1639:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&prefix[lc_shift(pos)], node->prefix, lc_bytes(node, pos)); data/rbldnsd-0.999~20180516/btrie.c:2577:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&prefix[lc_shift(pos)], node->prefix, lc_bytes(node, pos)); data/rbldnsd-0.999~20180516/btrie.c:2621:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. parse_prefix(const char *arg, btrie_oct_t prefix[16], unsigned *len) data/rbldnsd-0.999~20180516/btrie.c:2623:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrbuf[128]; data/rbldnsd-0.999~20180516/dns_dnreverse.c:24:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rdn, dn, c); data/rbldnsd-0.999~20180516/dns_findname.c:10:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nm[60]; /* all names are less than 60 chars anyway */ data/rbldnsd-0.999~20180516/ip4addr.h:57:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ip4unpack(unsigned char bytes[4], ip4addr_t a) { data/rbldnsd-0.999~20180516/ip4atos.c:24:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[16]; data/rbldnsd-0.999~20180516/ip6addr.c:18:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int ip6prefix(const char *s, ip6oct_t ap[IP6ADDR_FULL], char **np) { data/rbldnsd-0.999~20180516/ip6addr.c:98:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int ip6cidr(const char *s, ip6oct_t ap[IP6ADDR_FULL], char **np) { data/rbldnsd-0.999~20180516/ip6addr.c:133:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bp, ap, i < n ? i : n); data/rbldnsd-0.999~20180516/ip6addr.c:157:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[(4+1)*8+1]; data/rbldnsd-0.999~20180516/ip6addr.c:181:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. bp += sprintf(bp, ":%x", (((unsigned)ap[2*i]) << 8) + ap[2*i+1]); data/rbldnsd-0.999~20180516/ip6addr.c:190:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. bp += sprintf(bp, ":%x", (((unsigned)ap[2*i]) << 8) + ap[2*i+1]); data/rbldnsd-0.999~20180516/ip6addr.h:23:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int ip6prefix(const char *s, ip6oct_t ap[IP6ADDR_FULL], char **np); data/rbldnsd-0.999~20180516/ip6addr.h:29:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int ip6cidr(const char *s, ip6oct_t ap[IP6ADDR_FULL], char **np); data/rbldnsd-0.999~20180516/istream.c:314:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zsp->is.buf, sp->readp, x); data/rbldnsd-0.999~20180516/istream.h:12:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pad1[ISTREAM_PAD]; data/rbldnsd-0.999~20180516/istream.h:13:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[ISTREAM_BUFSIZE]; /* the data pointer */ data/rbldnsd-0.999~20180516/istream.h:14:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pad2[ISTREAM_PAD]; data/rbldnsd-0.999~20180516/mempool.c:26:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MEMPOOL_CHUNKSIZE+alignto]; data/rbldnsd-0.999~20180516/mempool.c:33:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/rbldnsd-0.999~20180516/mempool.c:118:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, buf, len); data/rbldnsd-0.999~20180516/rbldnsd.c:84:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rbldnsd-0.999~20180516/rbldnsd.c:112:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char def_rr[5] = "\177\0\0\2\0"; /* default A RR */ data/rbldnsd-0.999~20180516/rbldnsd.c:309:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[NI_MAXHOST], serv[NI_MAXSERV]; data/rbldnsd-0.999~20180516/rbldnsd.c:333:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. initsockets(const char *bindaddr[MAXSOCK], int nba, int UNUSED family) { data/rbldnsd-0.999~20180516/rbldnsd.c:399:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sin.sin_addr, he->h_addr_list[x], 4); data/rbldnsd-0.999~20180516/rbldnsd.c:484:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[NI_MAXHOST], serv[NI_MAXSERV]; data/rbldnsd-0.999~20180516/rbldnsd.c:517:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *bindaddr[MAXSOCK]; data/rbldnsd-0.999~20180516/rbldnsd.c:693:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(chroot_socket, "/systemd_notify"); data/rbldnsd-0.999~20180516/rbldnsd.c:695:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(chroot_socket, O_WRONLY|O_CREAT|O_TRUNC, 0644)) < 0) data/rbldnsd-0.999~20180516/rbldnsd.c:792:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[40]; data/rbldnsd-0.999~20180516/rbldnsd.c:793:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. c = sprintf(buf, "%ld\n", (long)getpid()); data/rbldnsd-0.999~20180516/rbldnsd.c:794:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdpid = open(pidfile, O_CREAT|O_WRONLY|O_TRUNC, 0644); data/rbldnsd-0.999~20180516/rbldnsd.c:911:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd.c:915:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(statsfile, "a"); data/rbldnsd-0.999~20180516/rbldnsd.c:955:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(statsfile, "a"); data/rbldnsd-0.999~20180516/rbldnsd.c:966:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd.c:1028:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(logfile, O_WRONLY|O_APPEND|O_CREAT|O_NONBLOCK|O_LARGEFILE, 0644); data/rbldnsd-0.999~20180516/rbldnsd.c:1057:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ibuf[150]; data/rbldnsd-0.999~20180516/rbldnsd.h:40:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char p_buf[DNS_EDNS0_MAXPACKET]; /* packet buffer */ data/rbldnsd-0.999~20180516/rbldnsd.h:53:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char q_dn[DNS_MAXDN]; /* original query DN, lowercased */ data/rbldnsd-0.999~20180516/rbldnsd.h:56:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *q_lptr[DNS_MAXLABELS]; /* pointers to labels */ data/rbldnsd-0.999~20180516/rbldnsd.h:76:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned unpack32(const unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:83:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:83:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:83:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:85:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:85:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:85:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]); data/rbldnsd-0.999~20180516/rbldnsd.h:199:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dssoa_n[16]; /* refresh, retry, expire, minttl */ data/rbldnsd-0.999~20180516/rbldnsd.h:204:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dsns_dn[1]; /* nameserver DN, varlen */ data/rbldnsd-0.999~20180516/rbldnsd.h:218:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ds_subst[11]; /* substitution variables */ data/rbldnsd-0.999~20180516/rbldnsd.h:256:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char z_dn[DNS_MAXDN+1]; /* zone domain name */ data/rbldnsd-0.999~20180516/rbldnsd.h:266:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *z_nsdna[MAX_NS]; /* array of nameserver DNs */ data/rbldnsd-0.999~20180516/rbldnsd.h:325:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int txtsubst(char txtbuf[TXTBUFSIZ], const char *template, data/rbldnsd-0.999~20180516/rbldnsd.h:357:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char def_rr[5]; data/rbldnsd-0.999~20180516/rbldnsd_acl.c:70:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. return (const char *)(keywords[i].rr); data/rbldnsd-0.999~20180516/rbldnsd_combined.c:89:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_combined.c:181:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dssub->ds_subst, ds->ds_subst, sizeof(ds->ds_subst)); data/rbldnsd-0.999~20180516/rbldnsd_combined.c:209:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bname[DNS_MAXDOMAIN+1], sname[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd_dnset.c:82:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_dnset.c:133:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ldn + 1, dn, dnlen); data/rbldnsd-0.999~20180516/rbldnsd_dnset.c:227:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd_dnset.c:287:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+4]; data/rbldnsd-0.999~20180516/rbldnsd_generic.c:41:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[DNS_MAXDN*2+20]; data/rbldnsd-0.999~20180516/rbldnsd_generic.c:113:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp+1, s, dsiz); data/rbldnsd-0.999~20180516/rbldnsd_generic.c:134:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(e->data, data, dsiz); data/rbldnsd-0.999~20180516/rbldnsd_generic.c:315:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_generic.c:316:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd_generic.c:324:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dn, ldn + 1, ldn[0]); data/rbldnsd-0.999~20180516/rbldnsd_ip6trie.c:161:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr, prefix, nb); data/rbldnsd-0.999~20180516/rbldnsd_ip6trie.c:190:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->prev_addr, addr, IP6ADDR_FULL); data/rbldnsd-0.999~20180516/rbldnsd_ip6tset.c:90:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(dsd->e[dsd->e_cnt++]), addr, sizeof(*dsd->e)); data/rbldnsd-0.999~20180516/rbldnsd_ip6tset.c:104:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(dsd->a[dsd->a_cnt++]), addr, sizeof(*dsd->a)); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:195:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static int dntoip6addr(const unsigned char *q, ip6oct_t ap[IP6ADDR_FULL]) { data/rbldnsd-0.999~20180516/rbldnsd_packet.c:412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subst[IPSIZE]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:562:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpos, dn, *dn + 1); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:598:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkt->p_cur, data, dsize); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:610:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[CACHEBUF_SIZE]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:619:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[CACHEBUF_SIZE]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:625:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:666:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpos, dssoa->dssoa_n, 16); cpos += 16; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:689:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (auth) memcpy(c + zsoa->ttloff, zsoa->minttl, 4); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:699:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dnbuf[DNS_MAXDN], *dp; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:700:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *dnlptr[DNS_MAXLABELS]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:724:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:739:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *nsdna[MAX_NS]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:741:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *nsrrs[MAX_NS], *nsrre[MAX_NS]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:773:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zone->z_nsdna, nsdna, nns * sizeof(nsdna[0])); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:808:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpos, dn, size); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:900:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rrTTL(c), ttlnb, 4); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:931:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, data, dsz); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:943:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb[TXTBUFSIZ+1]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:972:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c, show_version, dsz); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:979:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cbuf[DNS_MAXDOMAIN + IPSIZE + 50]; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:983:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. cp += sprintf(cp, "%lu ", (unsigned long)time(NULL)); data/rbldnsd-0.999~20180516/rbldnsd_util.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:39:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:39:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_uint32_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:67:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:67:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:67:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *parse_time_nb(char *s, unsigned char nb[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:85:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char mday[12] = { data/rbldnsd-0.999~20180516/rbldnsd_util.c:165:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rrbuf[4+256]; /*XXX static buffer */ data/rbldnsd-0.999~20180516/rbldnsd_util.c:190:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rr+4, def_rr+4, tlen+1); data/rbldnsd-0.999~20180516/rbldnsd_util.c:197:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rr, def_rr, 4); data/rbldnsd-0.999~20180516/rbldnsd_util.c:213:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned unpack32(const unsigned char p[4]) { data/rbldnsd-0.999~20180516/rbldnsd_util.c:239:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int txtsubst(char sb[TXTBUFSIZ], const char *txt, data/rbldnsd-0.999~20180516/rbldnsd_util.c:261:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lp, txt, sl); data/rbldnsd-0.999~20180516/rbldnsd_util.c:280:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lp, si, sl); data/rbldnsd-0.999~20180516/rbldnsd_util.c:292:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[sizeof("255.255.254.255")]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:293:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "%u.%u.%u.%u", a&255, (a>>8)&255, (a>>16)&255, (a>>24)); data/rbldnsd-0.999~20180516/rbldnsd_util.c:300:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:301:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const fmt[4] = { data/rbldnsd-0.999~20180516/rbldnsd_util.c:362:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[IP6ADDR_FULL * 4 + 2] = "*"; data/rbldnsd-0.999~20180516/rbldnsd_util.c:405:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(addr, beg, IP6ADDR_FULL); data/rbldnsd-0.999~20180516/rbldnsd_util.c:445:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb[TXTBUFSIZ]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:487:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, buf, len); data/rbldnsd-0.999~20180516/rbldnsd_util.c:522:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:592:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:604:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/rbldnsd-0.999~20180516/rbldnsd_util.c:605:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/rbldnsd_zones.c:87:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zone->z_dn, dn, dnlen); data/rbldnsd-0.999~20180516/rbldnsd_zones.c:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN]; data/rbldnsd-0.999~20180516/rbldnsd_zones.c:121:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_zones.c:129:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(name, spec, p - spec); data/rbldnsd-0.999~20180516/rbldnsd_zones.c:169:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char odn[DNS_MAXDN], pdn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_zones.c:199:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dn[DNS_MAXDN]; data/rbldnsd-0.999~20180516/rbldnsd_zones.c:225:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dsns->dsns_dn, dn, dnlen); data/rbldnsd-0.999~20180516/rbldnsd_zones.c:390:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dsf->dsf_name, O_RDONLY); data/rbldnsd-0.999~20180516/rbldnsd_zones.c:475:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_MAXDOMAIN+1]; data/rbldnsd-0.999~20180516/istream.c:133:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read((int)(long)sp->cookie, buf, szhint); data/rbldnsd-0.999~20180516/mempool.c:123:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (char*)mp_memdup(mp, str, strlen(str) + 1); data/rbldnsd-0.999~20180516/mempool.c:139:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (const char*)mp_dmemdup(mp, str, strlen(str) + 1); data/rbldnsd-0.999~20180516/rbldnsd.c:469:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( !strncmp(facility_names[t].name, facility, strlen(facility_names[t].name)+1) ) { data/rbldnsd-0.999~20180516/rbldnsd.c:691:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chroot_socket = emalloc(strlen(rootdir) + strlen("/systemd_notify") + 1); data/rbldnsd-0.999~20180516/rbldnsd.c:691:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). chroot_socket = emalloc(strlen(rootdir) + strlen("/systemd_notify") + 1); data/rbldnsd-0.999~20180516/rbldnsd.c:728:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(pfd[0], &c, 1) < 1) exit(1); data/rbldnsd-0.999~20180516/rbldnsd.c:1008:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, &z->z_stats, sizeof(z->z_stats)) <= 0) data/rbldnsd-0.999~20180516/rbldnsd_combined.c:153:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 20) name[20] = '\0'; data/rbldnsd-0.999~20180516/rbldnsd_generic.c:105:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dsiz = strlen(s); data/rbldnsd-0.999~20180516/rbldnsd_generic.c:329:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, "@"); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:969:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dsz = strlen(show_version) + 1; data/rbldnsd-0.999~20180516/rbldnsd_packet.c:988:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp += strlen(cp); data/rbldnsd-0.999~20180516/rbldnsd_packet.c:993:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp += strlen(cp); data/rbldnsd-0.999~20180516/rbldnsd_util.c:187:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned tlen = strlen(def_rr+4); /* tlen is <= 255 */ data/rbldnsd-0.999~20180516/rbldnsd_util.c:200:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned len = strlen(str); data/rbldnsd-0.999~20180516/rbldnsd_util.c:257:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = (char*)txt + strlen(txt); data/rbldnsd-0.999~20180516/rbldnsd_util.c:268:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else sl = strlen(si); data/rbldnsd-0.999~20180516/rbldnsd_util.c:273:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sl = strlen(si); data/rbldnsd-0.999~20180516/rbldnsd_util.c:277:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sl = strlen(si = s0); data/rbldnsd-0.999~20180516/rbldnsd_util.c:492:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return ememdup(str, strlen(str) + 1); ANALYSIS SUMMARY: Hits = 180 Lines analyzed = 10947 in approximately 0.33 seconds (32906 lines/second) Physical Source Lines of Code (SLOC) = 8347 Hits@level = [0] 69 [1] 21 [2] 144 [3] 5 [4] 10 [5] 0 Hits@level+ = [0+] 249 [1+] 180 [2+] 159 [3+] 15 [4+] 10 [5+] 0 Hits/KSLOC@level+ = [0+] 29.8311 [1+] 21.5646 [2+] 19.0488 [3+] 1.79705 [4+] 1.19804 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.