Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sipsak-0.9.7/src/auth.c
Examining data/sipsak-0.9.7/src/auth.h
Examining data/sipsak-0.9.7/src/exit_code.c
Examining data/sipsak-0.9.7/src/exit_code.h
Examining data/sipsak-0.9.7/src/header_f.c
Examining data/sipsak-0.9.7/src/header_f.h
Examining data/sipsak-0.9.7/src/helper.c
Examining data/sipsak-0.9.7/src/helper.h
Examining data/sipsak-0.9.7/src/md5.c
Examining data/sipsak-0.9.7/src/md5.h
Examining data/sipsak-0.9.7/src/md5global.h
Examining data/sipsak-0.9.7/src/request.c
Examining data/sipsak-0.9.7/src/request.h
Examining data/sipsak-0.9.7/src/shoot.c
Examining data/sipsak-0.9.7/src/shoot.h
Examining data/sipsak-0.9.7/src/sipsak.c
Examining data/sipsak-0.9.7/src/sipsak.h
Examining data/sipsak-0.9.7/src/transport.c
Examining data/sipsak-0.9.7/src/transport.h
Examining data/sipsak-0.9.7/tests/check_helper.c
Examining data/sipsak-0.9.7/tests/check_md5.c
FINAL RESULTS:
data/sipsak-0.9.7/src/auth.c:165:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, PROXYAUZ_STR_LEN+1, PROXYAUZ_STR);
data/sipsak-0.9.7/src/auth.c:169:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, AUTH_STR_LEN+1, AUTH_STR);
data/sipsak-0.9.7/src/auth.c:176:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, ALGO_STR_LEN+1, ALGO_STR);
data/sipsak-0.9.7/src/auth.c:179:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, MD5_STR_LEN+1, MD5_STR);
data/sipsak-0.9.7/src/auth.c:184:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, SHA1_STR_LEN+1, SHA1_STR);
data/sipsak-0.9.7/src/auth.c:188:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, SHA256_STR_LEN+1, SHA256_STR);
data/sipsak-0.9.7/src/auth.c:378:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(insert, RESPONSE_STR_LEN+1, RESPONSE_STR);
data/sipsak-0.9.7/src/header_f.c:119:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, middle_via);
data/sipsak-0.9.7/src/header_f.c:121:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(middle_via+(last_via-first_via+1), backup);
data/sipsak-0.9.7/src/header_f.c:152:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, tmp);
data/sipsak-0.9.7/src/header_f.c:155:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst_to+(tmp-src_to+1), backup);
data/sipsak-0.9.7/src/helper.c:207:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ca_tmpname, name);
data/sipsak-0.9.7/src/helper.c:341:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(srvh + strlen(srv) + 1, host);
data/sipsak-0.9.7/src/helper.c:603:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, insert+strlen(search));
data/sipsak-0.9.7/src/helper.c:604:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insert, replacement);
data/sipsak-0.9.7/src/helper.c:605:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insert+strlen(replacement), backup);
data/sipsak-0.9.7/src/helper.c:648:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(repl, "$%s$", atr);
data/sipsak-0.9.7/src/helper.c:667:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, lf+1);
data/sipsak-0.9.7/src/helper.c:669:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lf+2, backup);
data/sipsak-0.9.7/src/helper.c:688:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, fst);
data/sipsak-0.9.7/src/helper.c:689:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fst, snd);
data/sipsak-0.9.7/src/helper.c:690:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(snd, tmp);
data/sipsak-0.9.7/src/helper.c:865:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/sipsak-0.9.7/src/request.c:47:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:66:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%i\r\n"
data/sipsak-0.9.7/src/request.c:72:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%i\r\n"
data/sipsak-0.9.7/src/request.c:78:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%s\r\n\r\n", TRANSPORT_PARAMETER_STR,
data/sipsak-0.9.7/src/request.c:89:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:115:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%s\r\n\r\n", TRANSPORT_PARAMETER_STR,
data/sipsak-0.9.7/src/request.c:121:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:142:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:148:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:154:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(repl_buff,
data/sipsak-0.9.7/src/request.c:174:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:191:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:196:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:207:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%u\r\n", CON_LEN_STR, len);
data/sipsak-0.9.7/src/request.c:210:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%s\r\n", CON_DIS_STR, con_dis);
data/sipsak-0.9.7/src/request.c:216:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:221:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff, "%s%s", SIPSAK_MES_STR, username);
data/sipsak-0.9.7/src/request.c:226:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(repl_buff,
data/sipsak-0.9.7/src/request.c:244:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:269:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/request.c:293:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req_buff,
data/sipsak-0.9.7/src/shoot.c:89:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(target, "%s%i@", username, number);
data/sipsak-0.9.7/src/shoot.c:92:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(target, "%s@", username);
data/sipsak-0.9.7/src/shoot.c:440:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ruri, "%s sip:%s", INV_STR, usern);
data/sipsak-0.9.7/src/shoot.c:502:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ruri, "%s sip:sipsak_conf@", ACK_STR);
data/sipsak-0.9.7/src/shoot.c:585:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ruri, "%s sip:%s", MES_STR, usern);
data/sipsak-0.9.7/src/sipsak.c:123:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" --local-port=PORT the local port to use (default: any)\n"
data/sipsak-0.9.7/src/sipsak.c:865:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, headers);
data/sipsak-0.9.7/src/sipsak.c:364:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt_long(argc, argv, "a:A:b:B:c:C:dD:e:E:f:Fg:GhH:iIj:J:k:K:l:Lm:MnNo:O:p:P:q:r:Rs:St:Tu:UvVwW:x:z:Z:", l_opts, &option_index)) != EOF){
data/sipsak-0.9.7/src/sipsak.c:366:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c=getopt(argc, argv, "a:A:b:B:c:C:dD:e:E:f:Fg:GhH:iIj:J:k:K:l:Lm:MnNo:O:p:P:q:r:Rs:St:Tu:UvVwW:x:z:Z:")) != EOF){
data/sipsak-0.9.7/src/sipsak.c:1056:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0) ^ (getpid() + (getpid() << 15)));
data/sipsak-0.9.7/src/auth.c:61:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ha1[SIPSAK_HASHLEN], ha2[SIPSAK_HASHLEN], resp[SIPSAK_HASHLEN];
data/sipsak-0.9.7/src/auth.c:62:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ha1_hex[SIPSAK_HASHHEXLEN+1], ha2_hex[SIPSAK_HASHHEXLEN+1], resp_hex[SIPSAK_HASHHEXLEN+1];
data/sipsak-0.9.7/src/header_f.c:369:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, invite, len);
data/sipsak-0.9.7/src/header_f.c:579:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp,contact,strlen(contact));
data/sipsak-0.9.7/src/helper.c:229:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, aptr, sizeof(struct in_addr));
data/sipsak-0.9.7/src/helper.c:340:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(srvh + strlen(srv), ".", 1);
data/sipsak-0.9.7/src/helper.c:514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[100], dname[100], hlp[18];
data/sipsak-0.9.7/src/helper.c:677:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lf, "\r\n");
data/sipsak-0.9.7/src/helper.c:761:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup, num, len + 1);
data/sipsak-0.9.7/src/helper.c:796:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = atoi(start);
data/sipsak-0.9.7/src/md5.c:72:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char PADDING[64] = {
data/sipsak-0.9.7/src/md5.c:175:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[16]; /* message digest */
data/sipsak-0.9.7/src/md5.c:178:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bits[8];
data/sipsak-0.9.7/src/md5.c:205:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block[64];
data/sipsak-0.9.7/src/md5.c:341:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( output, input, len );
data/sipsak-0.9.7/src/md5.c:356:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)output)[i] = (char)value;
data/sipsak-0.9.7/src/md5.h:54:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64]; /* input buffer */
data/sipsak-0.9.7/src/request.c:81:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req_buff, "\r\n\r\n");
data/sipsak-0.9.7/src/request.c:84:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req_buff, "\r\n");
data/sipsak-0.9.7/src/request.c:112:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req_buff, "\r\n\r\n");
data/sipsak-0.9.7/src/request.c:213:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req_buff, "\r\n");
data/sipsak-0.9.7/src/shoot.c:339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ruri[11+12+20]; //FIXME: username length 20 should be dynamic
data/sipsak-0.9.7/src/shoot.c:807:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE], buf3[BUFSIZE], lport_str[LPORT_STR_LEN];
data/sipsak-0.9.7/src/shoot.c:863:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lport_str, "%i", lport);
data/sipsak-0.9.7/src/shoot.c:1083:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(timers.firstsendt), &(timers.sendtime), sizeof(struct timeval));
data/sipsak-0.9.7/src/sipsak.c:253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[BUFSIZE];
data/sipsak-0.9.7/src/sipsak.c:381:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pf = fopen(optarg, "rb");
data/sipsak-0.9.7/src/sipsak.c:395:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pf = fopen(optarg, "rb");
data/sipsak-0.9.7/src/sipsak.c:460:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(contact_uri, "*", 1);
data/sipsak-0.9.7/src/sipsak.c:526:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pf = fopen(optarg, "rb");
data/sipsak-0.9.7/src/sipsak.c:870:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(backup + 1, "\r\n");
data/sipsak-0.9.7/src/sipsak.h:335:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fqdn[FQDN_SIZE];
data/sipsak-0.9.7/src/sipsak.h:336:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target_dot[INET_ADDRSTRLEN], source_dot[INET_ADDRSTRLEN];
data/sipsak-0.9.7/src/transport.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/sipsak-0.9.7/src/transport.c:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/sipsak-0.9.7/src/transport.c:356:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char printable[110];
data/sipsak-0.9.7/src/transport.c:367:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print, "%.2x ", _bin[i]);
data/sipsak-0.9.7/src/transport.c:375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[40];
data/sipsak-0.9.7/src/transport.c:376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dn[128];
data/sipsak-0.9.7/src/transport.c:788:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(srt->firstsendt), &(srt->sendtime), sizeof(struct timeval));
data/sipsak-0.9.7/src/transport.c:791:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(srt->starttime), &(srt->sendtime), sizeof(struct timeval));
data/sipsak-0.9.7/src/transport.c:862:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(srt->delaytime), &(srt->sendtime), sizeof(struct timeval));
data/sipsak-0.9.7/tests/check_helper.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ta[15];
data/sipsak-0.9.7/tests/check_helper.c:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ta, "test", 4);
data/sipsak-0.9.7/tests/check_helper.c:126:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ta, "test\n", 5);
data/sipsak-0.9.7/tests/check_helper.c:131:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ta, "foo\nbar\n", 8);
data/sipsak-0.9.7/tests/check_md5.c:12:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5hex_buf[33]; /* NULed by initialization */
data/sipsak-0.9.7/tests/check_md5.c:13:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *md5hex(char res[16]) {
data/sipsak-0.9.7/tests/check_md5.c:13:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *md5hex(char res[16]) {
data/sipsak-0.9.7/tests/check_md5.c:16:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(md5hex_buf + 2 * i, "%02hhx", res[i]);
data/sipsak-0.9.7/tests/check_md5.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[16];
data/sipsak-0.9.7/tests/check_md5.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[16];
data/sipsak-0.9.7/src/auth.c:95:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(insert)+1);
data/sipsak-0.9.7/src/auth.c:96:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, insert, strlen(insert));
data/sipsak-0.9.7/src/auth.c:96:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, insert, strlen(insert));
data/sipsak-0.9.7/src/auth.c:108:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(auth, begin, (size_t)(end-begin));
data/sipsak-0.9.7/src/auth.c:146:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usern=str_alloc(strlen(username)+11);
data/sipsak-0.9.7/src/auth.c:148:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(usern, strlen(username)+10, "%s%i", username, namebeg);
data/sipsak-0.9.7/src/auth.c:150:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(usern, strlen(username)+10, "%s", username);
data/sipsak-0.9.7/src/auth.c:155:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(method, message, (size_t)(end-message));
data/sipsak-0.9.7/src/auth.c:161:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uri, begin, (size_t)(end-begin));
data/sipsak-0.9.7/src/auth.c:172:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(insert, strlen(usern)+14, "username=\"%s\", ", usern);
data/sipsak-0.9.7/src/auth.c:173:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:174:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(insert, strlen(uri)+9, "uri=\"%s\", ", uri);
data/sipsak-0.9.7/src/auth.c:175:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:197:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(insert, begin, (size_t)(end-begin+1));
data/sipsak-0.9.7/src/auth.c:206:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(realm, begin, (size_t)(end-begin));
data/sipsak-0.9.7/src/auth.c:218:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(insert, begin, (size_t)(end-begin+1));
data/sipsak-0.9.7/src/auth.c:239:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(insert, begin, (size_t)(end-begin+1));
data/sipsak-0.9.7/src/auth.c:248:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nonce, begin, (size_t)(end-begin));
data/sipsak-0.9.7/src/auth.c:258:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:261:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:264:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:275:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)&ha1_hex[0], authhash, SIPSAK_HASHHEXLEN_MD5);
data/sipsak-0.9.7/src/auth.c:279:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, usern, (unsigned int)strlen(usern));
data/sipsak-0.9.7/src/auth.c:281:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, realm, (unsigned int)strlen(realm));
data/sipsak-0.9.7/src/auth.c:283:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, password, (unsigned int)strlen(password));
data/sipsak-0.9.7/src/auth.c:289:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, method, (unsigned int)strlen(method));
data/sipsak-0.9.7/src/auth.c:291:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, uri, (unsigned int)strlen(uri));
data/sipsak-0.9.7/src/auth.c:298:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, nonce, (unsigned int)strlen(nonce));
data/sipsak-0.9.7/src/auth.c:301:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5Update(&Md5Ctx, qop_tmp, (unsigned int)strlen(qop_tmp));
data/sipsak-0.9.7/src/auth.c:310:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)&ha1_hex[0], authhash, SIPSAK_HASHHEXLEN_SHA1);
data/sipsak-0.9.7/src/auth.c:314:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, usern, (unsigned int)strlen(usern));
data/sipsak-0.9.7/src/auth.c:316:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, realm, (unsigned int)strlen(realm));
data/sipsak-0.9.7/src/auth.c:318:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, password, (unsigned int)strlen(password));
data/sipsak-0.9.7/src/auth.c:324:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, method, (unsigned int)strlen(method));
data/sipsak-0.9.7/src/auth.c:326:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, uri, (unsigned int)strlen(uri));
data/sipsak-0.9.7/src/auth.c:333:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, nonce, (unsigned int)strlen(nonce));
data/sipsak-0.9.7/src/auth.c:336:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA1_Update(&Sha1Ctx, qop_tmp, (unsigned int)strlen(qop_tmp));
data/sipsak-0.9.7/src/auth.c:344:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char*)&ha1_hex[0], authhash, SIPSAK_HASHHEXLEN_SHA256);
data/sipsak-0.9.7/src/auth.c:348:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, usern, (unsigned int)strlen(usern));
data/sipsak-0.9.7/src/auth.c:350:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, realm, (unsigned int)strlen(realm));
data/sipsak-0.9.7/src/auth.c:352:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, password, (unsigned int)strlen(password));
data/sipsak-0.9.7/src/auth.c:358:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, method, (unsigned int)strlen(method));
data/sipsak-0.9.7/src/auth.c:360:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, uri, (unsigned int)strlen(uri));
data/sipsak-0.9.7/src/auth.c:367:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, nonce, (unsigned int)strlen(nonce));
data/sipsak-0.9.7/src/auth.c:370:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SHA256_Update(&Sha256Ctx, qop_tmp, (unsigned int)strlen(qop_tmp));
data/sipsak-0.9.7/src/auth.c:381:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert+=strlen(insert);
data/sipsak-0.9.7/src/auth.c:383:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(insert, backup, strlen(backup));
data/sipsak-0.9.7/src/auth.c:383:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(insert, backup, strlen(backup));
data/sipsak-0.9.7/src/header_f.c:41:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup = str_alloc(strlen(ins) + 1);
data/sipsak-0.9.7/src/header_f.c:42:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, ins, strlen(ins));
data/sipsak-0.9.7/src/header_f.c:42:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, ins, strlen(ins));
data/sipsak-0.9.7/src/header_f.c:43:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ins, header, strlen(header));
data/sipsak-0.9.7/src/header_f.c:43:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ins, header, strlen(header));
data/sipsak-0.9.7/src/header_f.c:44:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ins + strlen(header), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:44:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ins + strlen(header), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:44:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ins + strlen(header), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:69:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fqdn)+15+30+1);
data/sipsak-0.9.7/src/header_f.c:71:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VIA_SIP_STR_LEN+TRANSPORT_STR_LEN+1+strlen(fqdn)+15+30,
data/sipsak-0.9.7/src/header_f.c:77:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mes)+strlen(via_line)>= BUFSIZE){
data/sipsak-0.9.7/src/header_f.c:77:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mes)+strlen(via_line)>= BUFSIZE){
data/sipsak-0.9.7/src/header_f.c:82:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc((strlen(via)+1));
data/sipsak-0.9.7/src/header_f.c:83:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, via, strlen(via));
data/sipsak-0.9.7/src/header_f.c:83:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, via, strlen(via));
data/sipsak-0.9.7/src/header_f.c:84:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(via, via_line, strlen(via_line));
data/sipsak-0.9.7/src/header_f.c:84:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(via, via_line, strlen(via_line));
data/sipsak-0.9.7/src/header_f.c:85:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(via+strlen(via_line), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:85:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(via+strlen(via_line), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:85:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(via+strlen(via_line), backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:118:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(middle_via)+1);
data/sipsak-0.9.7/src/header_f.c:120:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(middle_via, first_via, (size_t)(last_via-first_via+1));
data/sipsak-0.9.7/src/header_f.c:151:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(tmp)+1);
data/sipsak-0.9.7/src/header_f.c:154:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst_to, src_to, (size_t)(tmp-src_to+1));
data/sipsak-0.9.7/src/header_f.c:176:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(max)+1);
data/sipsak-0.9.7/src/header_f.c:177:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, max, (size_t)(strlen(max)));
data/sipsak-0.9.7/src/header_f.c:177:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, max, (size_t)(strlen(max)));
data/sipsak-0.9.7/src/header_f.c:187:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(max, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:187:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(max, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:198:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(crlfi)+1);
data/sipsak-0.9.7/src/header_f.c:199:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, crlfi, strlen(crlfi));
data/sipsak-0.9.7/src/header_f.c:199:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, crlfi, strlen(crlfi));
data/sipsak-0.9.7/src/header_f.c:211:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(crlfi, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:211:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(crlfi, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:231:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(foo)+1);
data/sipsak-0.9.7/src/header_f.c:232:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, foo, strlen(foo));
data/sipsak-0.9.7/src/header_f.c:232:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, foo, strlen(foo));
data/sipsak-0.9.7/src/header_f.c:234:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(foo, uri, strlen(uri));
data/sipsak-0.9.7/src/header_f.c:234:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(foo, uri, strlen(uri));
data/sipsak-0.9.7/src/header_f.c:235:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(foo+strlen(uri), SIP20_STR, SIP20_STR_LEN);
data/sipsak-0.9.7/src/header_f.c:235:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(foo+strlen(uri), SIP20_STR, SIP20_STR_LEN);
data/sipsak-0.9.7/src/header_f.c:236:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(foo+strlen(uri)+SIP20_STR_LEN, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:236:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(foo+strlen(uri)+SIP20_STR_LEN, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:236:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(foo+strlen(uri)+SIP20_STR_LEN, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:256:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(cr)+1);
data/sipsak-0.9.7/src/header_f.c:257:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, cr, strlen(cr));
data/sipsak-0.9.7/src/header_f.c:257:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, cr, strlen(cr));
data/sipsak-0.9.7/src/header_f.c:265:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cr, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:265:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(cr, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:326:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(cr)+1);
data/sipsak-0.9.7/src/header_f.c:327:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, cr, strlen(cr));
data/sipsak-0.9.7/src/header_f.c:327:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, cr, strlen(cr));
data/sipsak-0.9.7/src/header_f.c:334:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cr, RR_STR, RR_STR_LEN);
data/sipsak-0.9.7/src/header_f.c:337:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cr, ROUTE_STR, ROUTE_STR_LEN);
data/sipsak-0.9.7/src/header_f.c:345:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cr, rr + RR_STR_LEN, (cr2 - (rr + len) + 1));
data/sipsak-0.9.7/src/header_f.c:349:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cr, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:349:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(cr, backup, strlen(backup)+1);
data/sipsak-0.9.7/src/header_f.c:367:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(invite);
data/sipsak-0.9.7/src/header_f.c:407:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
server=strncpy(server, warning, (size_t)(srvsize - 1));
data/sipsak-0.9.7/src/header_f.c:454:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(eol)+1);
data/sipsak-0.9.7/src/header_f.c:455:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, eol, (size_t)(strlen(eol)));
data/sipsak-0.9.7/src/header_f.c:455:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, eol, (size_t)(strlen(eol)));
data/sipsak-0.9.7/src/header_f.c:457:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cs_s+=strlen(cs_s);
data/sipsak-0.9.7/src/header_f.c:458:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cs_s, backup, strlen(backup));
data/sipsak-0.9.7/src/header_f.c:458:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(cs_s, backup, strlen(backup));
data/sipsak-0.9.7/src/header_f.c:470:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(eol)+1);
data/sipsak-0.9.7/src/header_f.c:471:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, eol, (size_t)(strlen(eol)));
data/sipsak-0.9.7/src/header_f.c:471:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, eol, (size_t)(strlen(eol)));
data/sipsak-0.9.7/src/header_f.c:473:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cs_s+=strlen(cs_s);
data/sipsak-0.9.7/src/header_f.c:474:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cs_s, backup, strlen(backup));
data/sipsak-0.9.7/src/header_f.c:474:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(cs_s, backup, strlen(backup));
data/sipsak-0.9.7/src/header_f.c:560:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = contact + strlen(contact);
data/sipsak-0.9.7/src/header_f.c:578:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = str_alloc(strlen(contact)+1);
data/sipsak-0.9.7/src/header_f.c:579:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tmp,contact,strlen(contact));
data/sipsak-0.9.7/src/helper.c:112:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(host) == 0) {
data/sipsak-0.9.7/src/helper.c:201:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(STRNCASECMP(ca_tmpname, name, strlen(ca_tmpname)) == 0)) {
data/sipsak-0.9.7/src/helper.c:202:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ca_tmpname = malloc(strlen(name) + 1);
data/sipsak-0.9.7/src/helper.c:228:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dlen == 4 && STRNCASECMP(ca_tmpname, name, strlen(ca_tmpname)) == 0) {
data/sipsak-0.9.7/src/helper.c:332:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srvh_len = strlen(host) + strlen(srv) + 2;
data/sipsak-0.9.7/src/helper.c:332:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srvh_len = strlen(host) + strlen(srv) + 2;
data/sipsak-0.9.7/src/helper.c:339:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(srvh, srv, strlen(srv));
data/sipsak-0.9.7/src/helper.c:339:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(srvh, srv, strlen(srv));
data/sipsak-0.9.7/src/helper.c:340:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(srvh + strlen(srv), ".", 1);
data/sipsak-0.9.7/src/helper.c:341:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(srvh + strlen(srv) + 1, host);
data/sipsak-0.9.7/src/helper.c:524:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, hostname, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:525:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(hname, hostname, sizeof(hname)-1);
data/sipsak-0.9.7/src/helper.c:529:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(hname, un.nodename, sizeof(hname)-1);
data/sipsak-0.9.7/src/helper.c:548:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, hname, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:558:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, hlp, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:562:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, he->h_name, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:565:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, hname, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:577:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fqdn, hostname, FQDN_SIZE-1);
data/sipsak-0.9.7/src/helper.c:602:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(insert)+1);
data/sipsak-0.9.7/src/helper.c:603:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(backup, insert+strlen(search));
data/sipsak-0.9.7/src/helper.c:605:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(insert+strlen(replacement), backup);
data/sipsak-0.9.7/src/helper.c:621:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(isalnum(*(strings + strlen(strings) - 1)) != 0)) {
data/sipsak-0.9.7/src/helper.c:627:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strings + strlen(strings);
data/sipsak-0.9.7/src/helper.c:643:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
repl = str_alloc(strlen(val) + 3);
data/sipsak-0.9.7/src/helper.c:666:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(lf)+2);
data/sipsak-0.9.7/src/helper.c:676:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lf = mes + strlen(mes);
data/sipsak-0.9.7/src/helper.c:687:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = str_alloc(strlen(fst)+1);
data/sipsak-0.9.7/src/helper.c:709:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r=(int)(t * (float)strlen(message));
data/sipsak-0.9.7/src/helper.c:731:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(number) == 0) {
data/sipsak-0.9.7/src/helper.c:748:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(num);
data/sipsak-0.9.7/src/helper.c:824:7: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
j = getchar();
data/sipsak-0.9.7/src/request.c:64:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:76:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:110:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:140:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:189:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:200:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:202:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(mes_body);
data/sipsak-0.9.7/src/request.c:205:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = SIPSAK_MES_STR_LEN + strlen(username);
data/sipsak-0.9.7/src/request.c:208:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:211:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff);
data/sipsak-0.9.7/src/request.c:222:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req_buff += strlen(req_buff) - 1;
data/sipsak-0.9.7/src/shoot.c:441:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!STRNCASECMP(received, ruri, strlen(ruri))) {
data/sipsak-0.9.7/src/shoot.c:503:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (STRNCASECMP(received, ruri, strlen(ruri))==0) {
data/sipsak-0.9.7/src/shoot.c:586:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!STRNCASECMP(received, ruri, strlen(ruri))) {
data/sipsak-0.9.7/src/shoot.c:889:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usern = str_alloc(strlen(username) + 12);
data/sipsak-0.9.7/src/shoot.c:893:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*(username + strlen(username) - 1) != '@') {
data/sipsak-0.9.7/src/shoot.c:894:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usern = str_alloc(strlen(username) + 2);
data/sipsak-0.9.7/src/shoot.c:937:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameend=(int)strlen(request);
data/sipsak-0.9.7/src/sipsak.c:408:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) == 1 && STRNCASECMP(optarg, "-", 1) == 0) {
data/sipsak-0.9.7/src/sipsak.c:416:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
password=str_alloc(strlen(optarg) + 1);
data/sipsak-0.9.7/src/sipsak.c:417:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(password, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:417:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(password, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:427:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mes_body=str_alloc(strlen(optarg) + 1);
data/sipsak-0.9.7/src/sipsak.c:428:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mes_body, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:428:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(mes_body, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:431:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(optarg)+1);
data/sipsak-0.9.7/src/sipsak.c:432:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:432:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:447:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
from_uri=str_alloc(strlen(optarg)+1);
data/sipsak-0.9.7/src/sipsak.c:448:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(from_uri, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:448:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(from_uri, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:453:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(optarg) == 5 && STRNCASECMP(optarg, "empty", 5) == 0) ||
data/sipsak-0.9.7/src/sipsak.c:454:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) == 4 && STRNCASECMP(optarg, "none", 4) == 0)) {
data/sipsak-0.9.7/src/sipsak.c:457:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ((strlen(optarg) == 1 && STRNCASECMP(optarg, "*", 1) == 0) ||
data/sipsak-0.9.7/src/sipsak.c:458:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) == 4 && STRNCASECMP(optarg, "star", 4) == 0)) {
data/sipsak-0.9.7/src/sipsak.c:463:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup=str_alloc(strlen(optarg)+1);
data/sipsak-0.9.7/src/sipsak.c:464:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:464:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(backup, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:480:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
contact_uri=str_alloc(strlen(optarg)+1);
data/sipsak-0.9.7/src/sipsak.c:481:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(contact_uri, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:481:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(contact_uri, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:500:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) == 3 &&
data/sipsak-0.9.7/src/sipsak.c:504:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(optarg) == 3 &&
data/sipsak-0.9.7/src/sipsak.c:509:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(optarg) == 3 &&
data/sipsak-0.9.7/src/sipsak.c:523:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) != 1 && STRNCASECMP(optarg, "-", 1) != 0) {
data/sipsak-0.9.7/src/sipsak.c:540:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(optarg) == 1 && STRNCASECMP(optarg, "-", 1) == 0) {
data/sipsak-0.9.7/src/sipsak.c:573:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) < SIPSAK_HASHHEXLEN_MD5) {
data/sipsak-0.9.7/src/sipsak.c:612:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) == 4 && STRNCASECMP(optarg, "rand", 4) == 0) {
data/sipsak-0.9.7/src/sipsak.c:620:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
con_dis=str_alloc(strlen(optarg) + 1);
data/sipsak-0.9.7/src/sipsak.c:621:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con_dis, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:621:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(con_dis, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:695:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) == 4 && STRNCASECMP(optarg,"sips",4) == 0){
data/sipsak-0.9.7/src/sipsak.c:699:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(optarg) != 3 || STRNCASECMP(optarg,"sip",3) != 0){
data/sipsak-0.9.7/src/sipsak.c:738:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup = str_alloc(strlen(domainname)+1+6);
data/sipsak-0.9.7/src/sipsak.c:739:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(backup, strlen(domainname)+6, "%s:%i", domainname, port);
data/sipsak-0.9.7/src/sipsak.c:761:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auth_username=str_alloc(strlen(optarg) + 1);
data/sipsak-0.9.7/src/sipsak.c:762:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(auth_username, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:762:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(auth_username, optarg, strlen(optarg));
data/sipsak-0.9.7/src/sipsak.c:864:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup = str_alloc(strlen(headers) + 30); // FIXME
data/sipsak-0.9.7/src/sipsak.c:868:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
backup = headers + strlen(headers) - 1;
data/sipsak-0.9.7/src/transport.c:693:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sendto(cd->usock, mes, strlen(mes), 0, (struct sockaddr *) &(cd->adr), sizeof(struct sockaddr));
data/sipsak-0.9.7/src/transport.c:700:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = gnutls_record_send(tls_session, mes, strlen(mes));
data/sipsak-0.9.7/src/transport.c:708:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = send(cd->csock, mes, strlen(mes), 0);
ANALYSIS SUMMARY:
Hits = 322
Lines analyzed = 7220 in approximately 1.02 seconds (7070 lines/second)
Physical Source Lines of Code (SLOC) = 5925
Hits@level = [0] 436 [1] 216 [2] 52 [3] 3 [4] 51 [5] 0
Hits@level+ = [0+] 758 [1+] 322 [2+] 106 [3+] 54 [4+] 51 [5+] 0
Hits/KSLOC@level+ = [0+] 127.932 [1+] 54.346 [2+] 17.8903 [3+] 9.11392 [4+] 8.60759 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.