Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/validns-0.8+git20160720/a.c Examining data/validns-0.8+git20160720/aaaa.c Examining data/validns-0.8+git20160720/afsdb.c Examining data/validns-0.8+git20160720/base32hex.c Examining data/validns-0.8+git20160720/base32hex.h Examining data/validns-0.8+git20160720/base64.c Examining data/validns-0.8+git20160720/base64.h Examining data/validns-0.8+git20160720/carp.c Examining data/validns-0.8+git20160720/carp.h Examining data/validns-0.8+git20160720/cbtree.c Examining data/validns-0.8+git20160720/cbtree.h Examining data/validns-0.8+git20160720/cert.c Examining data/validns-0.8+git20160720/cname.c Examining data/validns-0.8+git20160720/common.h Examining data/validns-0.8+git20160720/dhcid.c Examining data/validns-0.8+git20160720/dlv.c Examining data/validns-0.8+git20160720/dname.c Examining data/validns-0.8+git20160720/ds.c Examining data/validns-0.8+git20160720/hinfo.c Examining data/validns-0.8+git20160720/isdn.c Examining data/validns-0.8+git20160720/kx.c Examining data/validns-0.8+git20160720/l32.c Examining data/validns-0.8+git20160720/l64.c Examining data/validns-0.8+git20160720/loc.c Examining data/validns-0.8+git20160720/lp.c Examining data/validns-0.8+git20160720/main.c Examining data/validns-0.8+git20160720/mb.c Examining data/validns-0.8+git20160720/mempool.c Examining data/validns-0.8+git20160720/mempool.h Examining data/validns-0.8+git20160720/mg.c Examining data/validns-0.8+git20160720/minfo.c Examining data/validns-0.8+git20160720/mr.c Examining data/validns-0.8+git20160720/mx.c Examining data/validns-0.8+git20160720/naptr.c Examining data/validns-0.8+git20160720/nid.c Examining data/validns-0.8+git20160720/ns.c Examining data/validns-0.8+git20160720/nsap.c Examining data/validns-0.8+git20160720/nsec.c Examining data/validns-0.8+git20160720/nsec3.c Examining data/validns-0.8+git20160720/nsec3param.c Examining data/validns-0.8+git20160720/ptr.c Examining data/validns-0.8+git20160720/px.c Examining data/validns-0.8+git20160720/rp.c Examining data/validns-0.8+git20160720/rr.c Examining data/validns-0.8+git20160720/rr.h Examining data/validns-0.8+git20160720/rt.c Examining data/validns-0.8+git20160720/soa.c Examining data/validns-0.8+git20160720/spf.c Examining data/validns-0.8+git20160720/srv.c Examining data/validns-0.8+git20160720/sshfp.c Examining data/validns-0.8+git20160720/textparse.c Examining data/validns-0.8+git20160720/textparse.h Examining data/validns-0.8+git20160720/threads.c Examining data/validns-0.8+git20160720/tlsa.c Examining data/validns-0.8+git20160720/txt.c Examining data/validns-0.8+git20160720/x25.c Examining data/validns-0.8+git20160720/ipseckey.c Examining data/validns-0.8+git20160720/dnskey.c Examining data/validns-0.8+git20160720/nsec3checks.c Examining data/validns-0.8+git20160720/rrsig.c FINAL RESULTS: data/validns-0.8+git20160720/carp.c:112:6: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink("/proc/self/exe", proggy, MAXPATHLEN) != -1) data/validns-0.8+git20160720/carp.c:49:4: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, ap); data/validns-0.8+git20160720/carp.c:70:4: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, ap); data/validns-0.8+git20160720/carp.c:87:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, ap); data/validns-0.8+git20160720/cbtree.c:323:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(b, ((x & z) == z) ? "1" : "0"); data/validns-0.8+git20160720/ipseckey.c:100:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gw, rr->gateway.gateway_none); data/validns-0.8+git20160720/ipseckey.c:109:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gw, rr->gateway.gateway_name); data/validns-0.8+git20160720/main.c:415:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(new_file_info->name, fname); data/validns-0.8+git20160720/mempool.c:95:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). return strcpy(r, s); data/validns-0.8+git20160720/mempool.c:101:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). return strcpy(r, s); data/validns-0.8+git20160720/textparse.c:134:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, file_info->current_origin); data/validns-0.8+git20160720/textparse.c:139:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, file_info->current_origin); data/validns-0.8+git20160720/textparse.c:212:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mystpcpy(r, *input), file_info->current_origin); data/validns-0.8+git20160720/textparse.c:214:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mystpcpy(mystpcpy(r, *input), "."), file_info->current_origin); data/validns-0.8+git20160720/main.c:526:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((o = getopt(argc, argv, "fhMqsvI:z:t:p:n:")) != -1) { data/validns-0.8+git20160720/a.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/aaaa.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/afsdb.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/base32hex.c:223:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dstbuf[512]; data/validns-0.8+git20160720/base32hex.c:224:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char reverse_buf[1024]; data/validns-0.8+git20160720/base32hex.c:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf[20]; data/validns-0.8+git20160720/base64.c:105:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char dstbuf[512]; data/validns-0.8+git20160720/base64.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf[20]; data/validns-0.8+git20160720/carp.c:100:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char proggy[MAXPATHLEN]; data/validns-0.8+git20160720/cbtree.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem[0]; data/validns-0.8+git20160720/cbtree.c:114:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x + sizeof(intptr_t), u, ulen + 1); data/validns-0.8+git20160720/cbtree.c:174:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x + sizeof(intptr_t), ubytes, ulen + 1); data/validns-0.8+git20160720/cbtree.c:318:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char b[9]; data/validns-0.8+git20160720/cert.c:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/common.h:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[LINEBUFSZ]; data/validns-0.8+git20160720/common.h:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[0]; data/validns-0.8+git20160720/common.h:81:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char policy_checks[N_POLICY_CHECKS]; data/validns-0.8+git20160720/dlv.c:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[4096]; data/validns-0.8+git20160720/dnskey.c:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/ds.c:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[4096]; data/validns-0.8+git20160720/hinfo.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/ipseckey.c:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024], gw[1000]; data/validns-0.8+git20160720/ipseckey.c:112:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(gw, "??"); data/validns-0.8+git20160720/kx.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/l32.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/l64.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/lp.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/main.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sval[40]; data/validns-0.8+git20160720/main.c:216:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/validns-0.8+git20160720/main.c:402:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname, "r"); data/validns-0.8+git20160720/mempool.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem[0]; data/validns-0.8+git20160720/minfo.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/mx.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/naptr.c:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/nid.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/nsec.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[1024]; data/validns-0.8+git20160720/nsec.c:127:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/validns-0.8+git20160720/nsec3.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[1024]; data/validns-0.8+git20160720/nsec3checks.c:32:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md0[EVP_MAX_MD_SIZE]; data/validns-0.8+git20160720/nsec3checks.c:33:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md1[EVP_MAX_MD_SIZE]; data/validns-0.8+git20160720/nsec3checks.c:34:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *md[2]; data/validns-0.8+git20160720/nsec3checks.c:70:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r.data, md[mdi], digest_size); data/validns-0.8+git20160720/nsec3checks.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hashed_name[33]; data/validns-0.8+git20160720/nsec3checks.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char binary_hashed_name[20]; data/validns-0.8+git20160720/nsec3checks.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hashed_name, name, 32); hashed_name[32] = 0; data/validns-0.8+git20160720/nsec3checks.c:191:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rr->this_hashed_name.data, binary_hashed_name, 20); data/validns-0.8+git20160720/nsec3param.c:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[1024]; data/validns-0.8+git20160720/px.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/rp.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/rr.c:95:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[10]; data/validns-0.8+git20160720/rr.c:101:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s, "TYPE%d", type); data/validns-0.8+git20160720/rr.c:109:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s, "TYPE%d", type); data/validns-0.8+git20160720/rr.c:126:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r, s+i+1, l-i); data/validns-0.8+git20160720/rr.c:454:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/validns-0.8+git20160720/rr.c:456:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "\\# %d ...", rr->data.length); data/validns-0.8+git20160720/rt.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/soa.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/spf.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[1024]; data/validns-0.8+git20160720/srv.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/sshfp.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[4096]; data/validns-0.8+git20160720/textparse.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/validns-0.8+git20160720/textparse.c:630:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b64[4096]; data/validns-0.8+git20160720/textparse.c:665:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b32[4096]; data/validns-0.8+git20160720/textparse.c:722:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r.data, o, l+1); data/validns-0.8+git20160720/textparse.c:772:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(r.data, o, l+1); data/validns-0.8+git20160720/textparse.c:778:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex[4096]; data/validns-0.8+git20160720/textparse.c:885:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&r.data[len], &set->data[map_base], 2 + set->data[map_base+1]); data/validns-0.8+git20160720/textparse.c:957:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b1, 1); data/validns-0.8+git20160720/textparse.c:962:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b2, 2); data/validns-0.8+git20160720/textparse.c:967:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b4, 4); data/validns-0.8+git20160720/textparse.c:972:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b8, 8); data/validns-0.8+git20160720/textparse.c:977:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, bd.data, bd.length); data/validns-0.8+git20160720/textparse.c:983:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b1, 1); data/validns-0.8+git20160720/textparse.c:985:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, bd.data, bd.length); data/validns-0.8+git20160720/textparse.c:991:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, &b2, 2); data/validns-0.8+git20160720/textparse.c:993:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(t, bd.data, bd.length); data/validns-0.8+git20160720/tlsa.c:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/validns-0.8+git20160720/txt.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[1024]; data/validns-0.8+git20160720/base32hex.c:226:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int expect_sz = strlen(expect); data/validns-0.8+git20160720/base64.c:107:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int expect_sz = strlen(expect); data/validns-0.8+git20160720/cbtree.c:75:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen(u); data/validns-0.8+git20160720/cbtree.c:105:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen(u); data/validns-0.8+git20160720/cbtree.c:204:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen(u); data/validns-0.8+git20160720/cbtree.c:291:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen(prefix); data/validns-0.8+git20160720/cbtree.c:341:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen((char *)(p + sizeof(intptr_t))); data/validns-0.8+git20160720/cbtree.c:359:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t ulen = strlen(u); data/validns-0.8+git20160720/main.c:409:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). new_file_info = malloc(sizeof(*new_file_info) + strlen(fname) + 1); data/validns-0.8+git20160720/main.c:581:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(optarg) && *(optarg+strlen(optarg)-1) == '.') { data/validns-0.8+git20160720/main.c:581:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(optarg) && *(optarg+strlen(optarg)-1) == '.') { data/validns-0.8+git20160720/main.c:583:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(optarg)) { data/validns-0.8+git20160720/main.c:584:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). G.opt.first_origin = getmem(strlen(optarg)+2); data/validns-0.8+git20160720/main.c:585:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mystpcpy(G.opt.first_origin, optarg), "."); data/validns-0.8+git20160720/mempool.c:94:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *r = getmem(strlen(s)+1); data/validns-0.8+git20160720/mempool.c:100:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *r = getmem_temp(strlen(s)+1); data/validns-0.8+git20160720/nsec3.c:133:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(s, "-"); data/validns-0.8+git20160720/nsec3checks.c:171:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(name); data/validns-0.8+git20160720/nsec3param.c:103:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(s, "-"); data/validns-0.8+git20160720/rr.c:115:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(s); data/validns-0.8+git20160720/rr.c:139:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned char *res = getmem_temp(strlen(s)+2); data/validns-0.8+git20160720/rr.c:230:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_l = strlen(name); data/validns-0.8+git20160720/rr.c:273:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_l = strlen(name); data/validns-0.8+git20160720/rr.c:708:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((nrr->flags & NAME_FLAG_APEX_PARENT) || strlen(nrr->name) < zone_apex_l) { data/validns-0.8+git20160720/textparse.c:122:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(buf); data/validns-0.8+git20160720/textparse.c:130:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ol = strlen(file_info->current_origin); data/validns-0.8+git20160720/textparse.c:138:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, "."); data/validns-0.8+git20160720/textparse.c:210:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). r = getmem(strlen(*input) + 1 + strlen(file_info->current_origin) + 1); data/validns-0.8+git20160720/textparse.c:210:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). r = getmem(strlen(*input) + 1 + strlen(file_info->current_origin) + 1); data/validns-0.8+git20160720/textparse.c:1027:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(dlen + strlen(s)); data/validns-0.8+git20160720/tlsa.c:112:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); ANALYSIS SUMMARY: Hits = 124 Lines analyzed = 8904 in approximately 0.23 seconds (39112 lines/second) Physical Source Lines of Code (SLOC) = 7224 Hits@level = [0] 123 [1] 31 [2] 78 [3] 1 [4] 13 [5] 1 Hits@level+ = [0+] 247 [1+] 124 [2+] 93 [3+] 15 [4+] 14 [5+] 1 Hits/KSLOC@level+ = [0+] 34.1916 [1+] 17.165 [2+] 12.8738 [3+] 2.07641 [4+] 1.93798 [5+] 0.138427 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.