Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/uaputl-1.12/uaputl.h
Examining data/uaputl-1.12/uapcmd.c
Examining data/uaputl-1.12/uaputl.c
Examining data/uaputl-1.12/uapcmd.h
FINAL RESULTS:
data/uaputl-1.12/uapcmd.c:1534:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(argv_rate[i], argv[j]);
data/uaputl-1.12/uapcmd.c:1552:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(argv_mrate[0], argv[output[1][0] + 1]);
data/uaputl-1.12/uapcmd.c:1567:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(argv_urate[0], argv[output[2][0] + 1]);
data/uaputl-1.12/uaputl.c:337:9: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, ap);
data/uaputl-1.12/uaputl.c:426:9: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
fscanf(fp, "%s", str);
data/uaputl-1.12/uaputl.c:428:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(domain_name, str);
data/uaputl-1.12/uaputl.c:458:9: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
fscanf(fp, "%s", str);
data/uaputl-1.12/uaputl.c:469:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, strtok(str, ", "));
data/uaputl-1.12/uaputl.c:2373:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(country_80211d, args[1]);
data/uaputl-1.12/uaputl.c:3597:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(country, argv[output[1][0] + 1]);
data/uaputl-1.12/uaputl.c:5516:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev_name, DEFAULT_DEV_NAME);
data/uaputl-1.12/uapcmd.c:758:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:873:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1011:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1115:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1220:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1332:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1509:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1789:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:1901:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2009:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2107:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2201:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2330:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2432:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2537:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2639:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2743:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2866:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:2986:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3090:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3195:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3301:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3441:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3674:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3856:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:3980:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:4084:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:4212:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:4357:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:4465:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:4627:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:611:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:783:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:995:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:1093:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:1191:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:1293:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:1420:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:1538:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:3383:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:3547:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:3755:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:3942:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:4031:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:4092:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:4208:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+", cmd_options, NULL)) != -1) {
data/uaputl-1.12/uaputl.c:5519:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "+hi:d:v", ap_options, NULL)) != -1) {
data/uaputl-1.12/uapcmd.c:941:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Ssid, argv[0], tlv->Length);
data/uaputl-1.12/uapcmd.c:966:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid, tlv->Ssid, tlv->Length);
data/uaputl-1.12/uapcmd.c:1053:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BeaconPeriod_ms = (u16) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:1157:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->DtimPeriod = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:1264:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->ChanNumber = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:1267:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BandConfigType = atoi(argv[1]) ? BAND_CONFIG_ACS_MODE : 0;
data/uaputl-1.12/uapcmd.c:1268:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->ChanNumber = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:1385:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pChanList->ChanNumber = (u8) atoi(argv[i]);
data/uaputl-1.12/uapcmd.c:1457:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parse_input(int argc, char **argv, int output[3][2])
data/uaputl-1.12/uapcmd.c:1460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keywords[3] = { "rates", "mbrate", "urate" };
data/uaputl-1.12/uapcmd.c:1493:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv_rate[14];
data/uaputl-1.12/uapcmd.c:1495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv_mrate[1];
data/uaputl-1.12/uapcmd.c:1496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv_urate[1];
data/uaputl-1.12/uapcmd.c:1533:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:1551:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:1566:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:1947:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->TxPower_dBm = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2049:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BcastSsidCtl = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2216:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uapcmd.c:2217:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uapcmd.c:2225:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uapcmd.c:2226:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uapcmd.c:2233:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[1]) == 0) || (atoi(argv[1]) < 0) ||
data/uaputl-1.12/uapcmd.c:2234:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[1]) > 1)) {
data/uaputl-1.12/uapcmd.c:2265:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->WhichAntenna = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2270:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->AntennaMode = (u8) atoi(argv[1]);
data/uaputl-1.12/uapcmd.c:2371:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->RtsThreshold = (u16) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2473:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->FragThreshold = (u16) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2577:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->RadioCtl = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:2679:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->rsn_replay_prot = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3026:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->PktFwdCtl = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3131:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->StaAgeoutTimer_ms = (u32) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3236:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->AuthMode = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3317:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) == PROTOCOL_NO_SECURITY) ||
data/uaputl-1.12/uapcmd.c:3318:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) == PROTOCOL_STATIC_WEP))) {
data/uaputl-1.12/uapcmd.c:3350:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->Protocol = (u16) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3464:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[(3 * i)]) == 0) || (atoi(argv[(3 * i)]) < 0) ||
data/uaputl-1.12/uapcmd.c:3465:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[(3 * i)]) > 3)) {
data/uaputl-1.12/uapcmd.c:3473:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[(3 * i) + 1]) < 0) ||
data/uaputl-1.12/uapcmd.c:3474:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[(3 * i) + 1]) > 1)) {
data/uaputl-1.12/uapcmd.c:3485:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
printf("ERR:Incorrect KEY_%d length %d\n", atoi(argv[(3 * i)]),
data/uaputl-1.12/uapcmd.c:3501:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uapcmd.c:3502:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 3)) {
data/uaputl-1.12/uapcmd.c:3544:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->KeyIndex = atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3552:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
keyindex = atoi(argv[(3 * i)]);
data/uaputl-1.12/uapcmd.c:3553:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
is_default = atoi(argv[(3 * i) + 1]);
data/uaputl-1.12/uapcmd.c:3589:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Key, key, length);
data/uaputl-1.12/uapcmd.c:3693:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uapcmd.c:3694:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 3)) {
data/uaputl-1.12/uapcmd.c:3775:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ie_ptr->ie_index = (u16) uap_cpu_to_le16(atoi(argv[0]));
data/uaputl-1.12/uapcmd.c:3786:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ie_ptr->ie_index = uap_cpu_to_le16(atoi(argv[0]));
data/uaputl-1.12/uapcmd.c:3877:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[0]) & ~CIPHER_BITMAP) {
data/uaputl-1.12/uapcmd.c:3882:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[1]) & ~CIPHER_BITMAP) {
data/uaputl-1.12/uapcmd.c:3887:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (is_cipher_valid(atoi(argv[0]), atoi(argv[1])) != UAP_SUCCESS) {
data/uaputl-1.12/uapcmd.c:3887:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (is_cipher_valid(atoi(argv[0]), atoi(argv[1])) != UAP_SUCCESS) {
data/uaputl-1.12/uapcmd.c:3919:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->PairwiseCipher = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:3920:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->GroupCipher = (u8) atoi(argv[1]);
data/uaputl-1.12/uapcmd.c:4019:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->GroupRekeyTime_sec = (u32) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:4145:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Passphrase, argv[0], tlv->Length);
data/uaputl-1.12/uapcmd.c:4229:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) < 0) || (atoi(argv[0]) > 2))) {
data/uaputl-1.12/uapcmd.c:4229:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) < 0) || (atoi(argv[0]) > 2))) {
data/uaputl-1.12/uapcmd.c:4236:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[0]) != 0) && (argc == 1)) {
data/uaputl-1.12/uapcmd.c:4279:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->FilterMode = atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:4400:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->Max_sta_num = (u16) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:4508:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->retry_limit = (u8) atoi(argv[0]);
data/uaputl-1.12/uapcmd.c:4580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/uaputl-1.12/uapcmd.c:4643:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) != 2)) {
data/uaputl-1.12/uapcmd.c:4659:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "r");
data/uaputl-1.12/uapcmd.c:4679:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cmd_buf->type = atoi(argv[0]);
data/uaputl-1.12/uaputl.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dev_name[IFNAMSIZ + 1];
data/uaputl-1.12/uaputl.c:268:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[i]) == atoi(argv[j])) {
data/uaputl-1.12/uaputl.c:268:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[i]) == atoi(argv[j])) {
data/uaputl-1.12/uaputl.c:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64];
data/uaputl-1.12/uaputl.c:403:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain_name[40];
data/uaputl-1.12/uaputl.c:410:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country2[3];
data/uaputl-1.12/uaputl.c:412:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("80211d_domain.conf", "r");
data/uaputl-1.12/uaputl.c:803:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:804:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 2)) {
data/uaputl-1.12/uaputl.c:812:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.ps_mode = atoi(argv[0]);
data/uaputl-1.12/uaputl.c:824:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[1]) == 0) || (atoi(argv[1]) < 1) ||
data/uaputl-1.12/uaputl.c:825:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[1]) > 2)) {
data/uaputl-1.12/uaputl.c:832:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi(argv[1]);
data/uaputl-1.12/uaputl.c:841:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[2]) == 0) || (atoi(argv[2]) < 0) ||
data/uaputl-1.12/uaputl.c:842:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[2]) > 1)) {
data/uaputl-1.12/uaputl.c:850:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.ctrl_bitmap = atoi(argv[2]);
data/uaputl-1.12/uaputl.c:856:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.min_sleep = atoi(argv[3]);
data/uaputl-1.12/uaputl.c:857:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.max_sleep = atoi(argv[4]);
data/uaputl-1.12/uaputl.c:878:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.inactivity_to = atoi(argv[2]);
data/uaputl-1.12/uaputl.c:879:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.min_awake = atoi(argv[3]);
data/uaputl-1.12/uaputl.c:880:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.max_awake = atoi(argv[4]);
data/uaputl-1.12/uaputl.c:893:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[5]) == 0) || (atoi(argv[5]) < 1) ||
data/uaputl-1.12/uaputl.c:894:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[5]) > 2)) {
data/uaputl-1.12/uaputl.c:901:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (type == atoi(argv[5])) {
data/uaputl-1.12/uaputl.c:906:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi(argv[5]);
data/uaputl-1.12/uaputl.c:908:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[6]) == 0) || (atoi(argv[6]) < 0) ||
data/uaputl-1.12/uaputl.c:909:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[6]) > 1)) {
data/uaputl-1.12/uaputl.c:917:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.ctrl_bitmap = atoi(argv[6]);
data/uaputl-1.12/uaputl.c:923:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.min_sleep = atoi(argv[7]);
data/uaputl-1.12/uaputl.c:924:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.sleep_param.max_sleep = atoi(argv[8]);
data/uaputl-1.12/uaputl.c:945:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.inactivity_to = atoi(argv[6]);
data/uaputl-1.12/uaputl.c:946:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.min_awake = atoi(argv[7]);
data/uaputl-1.12/uaputl.c:947:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pm.inact_param.max_awake = atoi(argv[8]);
data/uaputl-1.12/uaputl.c:1871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[30];
data/uaputl-1.12/uaputl.c:1888:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config_file = fopen(argv[0], "r");
data/uaputl-1.12/uaputl.c:1997:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
index = atoi(args[0] + strlen("protectionFromQTime"));
data/uaputl-1.12/uaputl.c:2005:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sco_prot_qtime[index] = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2011:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sco_prot_rate = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2017:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sco_acl_freq = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2023:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acl_enabled = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2029:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acl_bt_time = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2035:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acl_wlan_time = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2041:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
acl_prot_rate = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2086:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[30];
data/uaputl-1.12/uaputl.c:2113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country_80211d[4];
data/uaputl-1.12/uaputl.c:2119:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
config_file = fopen(argv[0], "r");
data/uaputl-1.12/uaputl.c:2412:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_buf->Domain.CountryCode, country_80211d,
data/uaputl-1.12/uaputl.c:2414:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_buf->Domain.Subband, sub_bands,
data/uaputl-1.12/uaputl.c:2485:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(args[1]) == 0) || (atoi(args[1]) < 0) ||
data/uaputl-1.12/uaputl.c:2486:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(args[1]) > 2)) {
data/uaputl-1.12/uaputl.c:2489:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(args[1]));
data/uaputl-1.12/uaputl.c:2492:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
filter_tlv->FilterMode = atoi(args[1]);
data/uaputl-1.12/uaputl.c:2496:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
filter_tlv->Count = atoi(args[1]);
data/uaputl-1.12/uaputl.c:2528:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mask_ie_index = (u16) atoi(args[0] + strlen("MgmtSubtypeMask_"));
data/uaputl-1.12/uaputl.c:2557:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
custom_ie_ptr->ie_index = (u16) atoi(args[0] + strlen("IEBuffer_"));
data/uaputl-1.12/uaputl.c:2604:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Ssid, args[1], tlv->Length);
data/uaputl-1.12/uaputl.c:2627:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BeaconPeriod_ms = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2656:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pChanList->ChanNumber = (u8) atoi(args[i + 1]);
data/uaputl-1.12/uaputl.c:2680:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->ChanNumber = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2682:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BandConfigType = atoi(args[2]) ? BAND_CONFIG_ACS_MODE : 0;
data/uaputl-1.12/uaputl.c:2713:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(args[1]) != UAP_SUCCESS) || (atoi(args[1]) < 0) ||
data/uaputl-1.12/uaputl.c:2714:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(args[1]) > 1)) {
data/uaputl-1.12/uaputl.c:2733:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->AntennaMode = atoi(args[1]);
data/uaputl-1.12/uaputl.c:2738:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(args[1]) != UAP_SUCCESS) || (atoi(args[1]) < 0) ||
data/uaputl-1.12/uaputl.c:2739:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(args[1]) > 1)) {
data/uaputl-1.12/uaputl.c:2758:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->AntennaMode = atoi(args[1]);
data/uaputl-1.12/uaputl.c:2805:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->TxPower_dBm = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2828:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->BcastSsidCtl = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2849:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->RtsThreshold = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2872:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->FragThreshold = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2895:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->DtimPeriod = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2917:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->RadioCtl = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2939:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->rsn_replay_prot = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2974:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->PktFwdCtl = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:2996:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->StaAgeoutTimer_ms = (u32) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3005:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(args[1]) < 0) || (atoi(args[1]) > 1)) {
data/uaputl-1.12/uaputl.c:3005:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(args[1]) < 0) || (atoi(args[1]) > 1)) {
data/uaputl-1.12/uaputl.c:3023:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->AuthMode = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3036:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
keyindex = atoi(args[1]);
data/uaputl-1.12/uaputl.c:3099:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Key, &args[1][1], strlen(args[1]) - 2);
data/uaputl-1.12/uaputl.c:3146:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tlv->Passphrase, args[1], tlv->Length);
data/uaputl-1.12/uaputl.c:3168:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->Protocol = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3171:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(args[1]) & (PROTOCOL_WPA | PROTOCOL_WPA2)) {
data/uaputl-1.12/uaputl.c:3201:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pairwisecipher = atoi(args[1]);
data/uaputl-1.12/uaputl.c:3219:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
groupcipher = atoi(args[1]);
data/uaputl-1.12/uaputl.c:3247:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->GroupRekeyTime_sec = (u32) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3270:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->Max_sta_num = (u16) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3294:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tlv->retry_limit = (u8) atoi(args[1]);
data/uaputl-1.12/uaputl.c:3498:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
parse_input_80211d(int argc, char **argv, int output[2][2])
data/uaputl-1.12/uaputl.c:3501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keywords[2] = { "state", "country" };
data/uaputl-1.12/uaputl.c:3542:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[4] = { ' ', ' ', 0, 0 };
data/uaputl-1.12/uaputl.c:3675:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_buf->Domain.CountryCode, country, strlen(country));
data/uaputl-1.12/uaputl.c:3676:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmd_buf->Domain.Subband, sub_bands,
data/uaputl-1.12/uaputl.c:4047:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1) && (atoi(argv[0]) != 2)) {
data/uaputl-1.12/uaputl.c:4047:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1) && (atoi(argv[0]) != 2)) {
data/uaputl-1.12/uaputl.c:4047:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1) && (atoi(argv[0]) != 2)) {
data/uaputl-1.12/uaputl.c:4053:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reg = atoi(argv[0]);
data/uaputl-1.12/uaputl.c:4228:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subcmd = atoi(argv[0]);
data/uaputl-1.12/uaputl.c:4522:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[i]) == 0) || (atoi(argv[i]) < 1) ||
data/uaputl-1.12/uaputl.c:4523:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[i]) > MAX_CHANNELS)) {
data/uaputl-1.12/uaputl.c:4542:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[0]) < MIN_TX_POWER) ||
data/uaputl-1.12/uaputl.c:4543:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_TX_POWER)) {
data/uaputl-1.12/uaputl.c:4555:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = is_protocol_valid(atoi(argv[0]));
data/uaputl-1.12/uaputl.c:4563:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[1]) == 0) || (atoi(argv[1]) < 0) ||
data/uaputl-1.12/uaputl.c:4564:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[1]) > 1)) {
data/uaputl-1.12/uaputl.c:4568:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[1]) == 1) && (atoi(argv[0]) != 0)) {
data/uaputl-1.12/uaputl.c:4568:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(argv[1]) == 1) && (atoi(argv[0]) != 0)) {
data/uaputl-1.12/uaputl.c:4573:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((argc == 1) || (atoi(argv[1]) == 0)) {
data/uaputl-1.12/uaputl.c:4574:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 1) ||
data/uaputl-1.12/uaputl.c:4575:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_CHANNELS)) {
data/uaputl-1.12/uaputl.c:4613:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4613:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4625:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4626:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_RTS_THRESHOLD)) {
data/uaputl-1.12/uaputl.c:4638:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) < MIN_FRAG_THRESHOLD) ||
data/uaputl-1.12/uaputl.c:4639:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_FRAG_THRESHOLD)) {
data/uaputl-1.12/uaputl.c:4650:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 1) ||
data/uaputl-1.12/uaputl.c:4651:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_DTIM_PERIOD)) {
data/uaputl-1.12/uaputl.c:4662:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4663:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uaputl.c:4677:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4677:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4708:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4708:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) != 0) && (atoi(argv[0]) != 1))) {
data/uaputl-1.12/uaputl.c:4720:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || ((atoi(argv[0]) != 0) &&
data/uaputl-1.12/uaputl.c:4721:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(argv[0]) <
data/uaputl-1.12/uaputl.c:4723:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) >
data/uaputl-1.12/uaputl.c:4737:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4738:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uaputl.c:4751:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4752:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > MAX_GRP_TIMER)) {
data/uaputl-1.12/uaputl.c:4764:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) > 8) ||
data/uaputl-1.12/uaputl.c:4765:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) < 0)) {
data/uaputl-1.12/uaputl.c:4777:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < MIN_BEACON_PERIOD)
data/uaputl-1.12/uaputl.c:4778:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| (atoi(argv[0]) > MAX_BEACON_PERIOD)) {
data/uaputl-1.12/uaputl.c:4790:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) > MAX_RETRY_LIMIT) ||
data/uaputl-1.12/uaputl.c:4791:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) < 0)) {
data/uaputl-1.12/uaputl.c:4805:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((IS_HEX_OR_DIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4806:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uaputl.c:4828:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((ISDIGIT(argv[0]) == 0) || (atoi(argv[0]) < 0) ||
data/uaputl-1.12/uaputl.c:4829:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(argv[0]) > 1)) {
data/uaputl-1.12/uaputl.c:5171:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid, ssid_tlv->Ssid, ssid_tlv->Length);
data/uaputl-1.12/uapcmd.c:896:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[0]) > MAX_SSID_LENGTH) {
data/uaputl-1.12/uapcmd.c:904:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (argv[0][strlen(argv[0])] == '"') {
data/uaputl-1.12/uapcmd.c:905:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argv[0][strlen(argv[0])] = '\0';
data/uaputl-1.12/uapcmd.c:907:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(argv[0])) {
data/uaputl-1.12/uapcmd.c:913:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[0]);
data/uaputl-1.12/uapcmd.c:940:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv->Length = strlen(argv[0]);
data/uaputl-1.12/uapcmd.c:1533:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:1551:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:1566:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(sizeof(char) * (strlen(argv[j]) + 1));
data/uaputl-1.12/uapcmd.c:3481:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[(3 * i) + 2]) != 5) &&
data/uaputl-1.12/uapcmd.c:3482:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(argv[(3 * i) + 2]) != 10)
data/uaputl-1.12/uapcmd.c:3483:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen(argv[(3 * i) + 2]) != 13) &&
data/uaputl-1.12/uapcmd.c:3484:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(argv[(3 * i) + 2]) != 26)) {
data/uaputl-1.12/uapcmd.c:3486:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[(3 * i) + 2]));
data/uaputl-1.12/uapcmd.c:3490:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[(3 * i) + 2]) == 10) ||
data/uaputl-1.12/uapcmd.c:3491:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(argv[(3 * i) + 2]) == 26)) {
data/uaputl-1.12/uapcmd.c:3555:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(key);
data/uaputl-1.12/uapcmd.c:3733:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ie_buf_len = strlen(argv[2]);
data/uaputl-1.12/uapcmd.c:4099:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((argc == 1) && (strlen(argv[0]) > MAX_WPA_PASSPHRASE_LENGTH)) {
data/uaputl-1.12/uapcmd.c:4103:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((argc == 1) && (strlen(argv[0]) < MIN_WPA_PASSPHRASE_LENGTH)) {
data/uaputl-1.12/uapcmd.c:4107:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((argc == 1) && (strlen(argv[0]) == MAX_WPA_PASSPHRASE_LENGTH)) {
data/uaputl-1.12/uapcmd.c:4122:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[0]);
data/uaputl-1.12/uapcmd.c:4144:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv->Length = strlen(argv[0]);
data/uaputl-1.12/uaputl.c:418:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) country2, country, 2);
data/uaputl-1.12/uaputl.c:726:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_ifrn.ifrn_name, dev_name, strlen(dev_name));
data/uaputl-1.12/uaputl.c:726:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ifr.ifr_ifrn.ifrn_name, dev_name, strlen(dev_name));
data/uaputl-1.12/uaputl.c:1738:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(line);
data/uaputl-1.12/uaputl.c:1839:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = pos + strlen(pos) - 1;
data/uaputl-1.12/uaputl.c:1997:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
index = atoi(args[0] + strlen("protectionFromQTime"));
data/uaputl-1.12/uaputl.c:2369:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) > 3) || (strlen(args[1]) < 0)) {
data/uaputl-1.12/uaputl.c:2369:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) > 3) || (strlen(args[1]) < 0)) {
data/uaputl-1.12/uaputl.c:2374:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(country_80211d); i++) {
data/uaputl-1.12/uaputl.c:2413:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(country_80211d));
data/uaputl-1.12/uaputl.c:2528:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mask_ie_index = (u16) atoi(args[0] + strlen("MgmtSubtypeMask_"));
data/uaputl-1.12/uaputl.c:2545:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ie_buf_len = strlen(args[1]);
data/uaputl-1.12/uaputl.c:2557:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
custom_ie_ptr->ie_index = (u16) atoi(args[0] + strlen("IEBuffer_"));
data/uaputl-1.12/uaputl.c:2582:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (args[1][strlen(args[1]) - 1] == '"') {
data/uaputl-1.12/uaputl.c:2583:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
args[1][strlen(args[1]) - 1] = '\0';
data/uaputl-1.12/uaputl.c:2585:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) > MAX_SSID_LENGTH) ||
data/uaputl-1.12/uaputl.c:2586:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(args[1]) == 0)) {
data/uaputl-1.12/uaputl.c:2592:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv_len = sizeof(TLVBUF_SSID) + strlen(args[1]);
data/uaputl-1.12/uaputl.c:2603:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv->Length = strlen(args[1]);
data/uaputl-1.12/uaputl.c:3052:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) != 2) && (strlen(args[1]) != 7) &&
data/uaputl-1.12/uaputl.c:3052:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) != 2) && (strlen(args[1]) != 7) &&
data/uaputl-1.12/uaputl.c:3053:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(args[1]) != 15)) {
data/uaputl-1.12/uaputl.c:3057:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen(args[1]) - 2;
data/uaputl-1.12/uaputl.c:3059:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) != 0) && (strlen(args[1]) != 10) &&
data/uaputl-1.12/uaputl.c:3059:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(args[1]) != 0) && (strlen(args[1]) != 10) &&
data/uaputl-1.12/uaputl.c:3060:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(args[1]) != 26)) {
data/uaputl-1.12/uaputl.c:3069:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen(args[1]) / 2;
data/uaputl-1.12/uaputl.c:3099:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tlv->Key, &args[1][1], strlen(args[1]) - 2);
data/uaputl-1.12/uaputl.c:3115:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (args[1][strlen(args[1]) - 1] == '"') {
data/uaputl-1.12/uaputl.c:3116:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
args[1][strlen(args[1]) - 1] = '\0';
data/uaputl-1.12/uaputl.c:3118:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv_len = sizeof(TLVBUF_WPA_PASSPHRASE) + strlen(args[1]);
data/uaputl-1.12/uaputl.c:3119:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) > MAX_WPA_PASSPHRASE_LENGTH) {
data/uaputl-1.12/uaputl.c:3123:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) < MIN_WPA_PASSPHRASE_LENGTH) {
data/uaputl-1.12/uaputl.c:3127:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) == MAX_WPA_PASSPHRASE_LENGTH) {
data/uaputl-1.12/uaputl.c:3145:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlv->Length = strlen(args[1]);
data/uaputl-1.12/uaputl.c:3591:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[output[1][0] + 1]) > 3) ||
data/uaputl-1.12/uaputl.c:3592:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(argv[output[1][0] + 1]) < 0)) {
data/uaputl-1.12/uaputl.c:3599:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(country); i++) {
data/uaputl-1.12/uaputl.c:3675:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(cmd_buf->Domain.CountryCode, country, strlen(country));
data/uaputl-1.12/uaputl.c:4479:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(x); i++)
data/uaputl-1.12/uaputl.c:4880:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mac) != ((2 * ETH_ALEN) + (ETH_ALEN - 1))) {
data/uaputl-1.12/uaputl.c:4910:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (strlen(str) + 1) / 2;
data/uaputl-1.12/uaputl.c:4954:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p);
data/uaputl-1.12/uaputl.c:5437:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_ifrn.ifrn_name, dev_name, strlen(dev_name));
data/uaputl-1.12/uaputl.c:5437:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ifr.ifr_ifrn.ifrn_name, dev_name, strlen(dev_name));
data/uaputl-1.12/uaputl.c:5522:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) < IFNAMSIZ) {
data/uaputl-1.12/uaputl.c:5524:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dev_name, optarg, strlen(optarg));
data/uaputl-1.12/uaputl.c:5524:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(dev_name, optarg, strlen(optarg));
data/uaputl-1.12/uaputl.c:5553:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ap_command[i].cmd, argv[0], strlen(ap_command[i].cmd)))
data/uaputl-1.12/uaputl.c:5555:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ap_command[i].cmd) != strlen(argv[0]))
data/uaputl-1.12/uaputl.c:5555:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ap_command[i].cmd) != strlen(argv[0]))
ANALYSIS SUMMARY:
Hits = 343
Lines analyzed = 11621 in approximately 0.34 seconds (34027 lines/second)
Physical Source Lines of Code (SLOC) = 8633
Hits@level = [0] 905 [1] 74 [2] 211 [3] 47 [4] 11 [5] 0
Hits@level+ = [0+] 1248 [1+] 343 [2+] 269 [3+] 58 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 144.562 [1+] 39.7313 [2+] 31.1595 [3+] 6.71841 [4+] 1.27418 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.