Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vrrpd-1.0/ipaddr.c
Examining data/vrrpd-1.0/ipaddr.h
Examining data/vrrpd-1.0/libnetlink.h
Examining data/vrrpd-1.0/proto.h
Examining data/vrrpd-1.0/ll_map.h
Examining data/vrrpd-1.0/daemon.h
Examining data/vrrpd-1.0/vrrpd.h
Examining data/vrrpd-1.0/ll_map.c
Examining data/vrrpd-1.0/vrrpd.c
Examining data/vrrpd-1.0/daemon.c
Examining data/vrrpd-1.0/ipsecah.h
Examining data/vrrpd-1.0/md5.c
Examining data/vrrpd-1.0/iproute.c
Examining data/vrrpd-1.0/ipsecah.c
Examining data/vrrpd-1.0/libnetlink.c
Examining data/vrrpd-1.0/md5.h
Examining data/vrrpd-1.0/iproute.h

FINAL RESULTS:

data/vrrpd-1.0/ll_map.c:84:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(im->name, RTA_DATA(tb[IFLA_IFNAME]));

data/vrrpd-1.0/ll_map.c:149:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ncache, name);

data/vrrpd-1.0/vrrpd.c:168:3: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf( pidfile, sizeof(pidfile), "%s/" VRRP_PID_FORMAT

data/vrrpd-1.0/vrrpd.c:915:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( from.sa_data, vsrv->vif.ifname );

data/vrrpd-1.0/vrrpd.h:36:19: [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
    #define vrrpd_log syslog

data/vrrpd-1.0/vrrpd.h:137:25: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define VRRP_LOG( str ) printf str

data/vrrpd-1.0/vrrpd.c:1060:9: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    c = getopt( argc, argv, "f:si:v:a:p:d:m:c:hnDl:" );

data/vrrpd-1.0/daemon.c:63:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fd = open(_PATH_DEVNULL, O_RDWR, 0);

data/vrrpd-1.0/ipaddr.c:132:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];

data/vrrpd-1.0/iproute.c:129:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(entry->rtm, r, sizeof(struct rtmsg));

data/vrrpd-1.0/iproute.c:136:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (tb[RTA_SRC]) memcpy(&entry->src, RTA_DATA(tb[RTA_SRC]), 4);

data/vrrpd-1.0/iproute.c:137:26: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (tb[RTA_PREFSRC]) memcpy(&entry->psrc, RTA_DATA(tb[RTA_PREFSRC]), 4);

data/vrrpd-1.0/iproute.c:138:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (tb[RTA_DST]) memcpy(&entry->dest, RTA_DATA(tb[RTA_DST]), 4);

data/vrrpd-1.0/iproute.c:139:26: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (tb[RTA_GATEWAY]) memcpy(&entry->gate, RTA_DATA(tb[RTA_GATEWAY]), 4);

data/vrrpd-1.0/iproute.c:140:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    if (tb[RTA_FLOW]) memcpy(&entry->flow, RTA_DATA(tb[RTA_FLOW]), 4);

data/vrrpd-1.0/iproute.c:187:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1024];

data/vrrpd-1.0/iproute.c:196:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&req.r, r->rtm, sizeof(struct rtmsg));

data/vrrpd-1.0/iproute.c:252:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char buf[20];

data/vrrpd-1.0/iproute.c:256:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%d.%d.%d.%d", bytep[0], bytep[1], bytep[2], bytep[3]);

data/vrrpd-1.0/ipsecah.c:32:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k_ipad[65]; /* inner padding - key XORd with ipad */

data/vrrpd-1.0/ipsecah.c:33:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char k_opad[65]; /* outer padding - key XORd with opad */

data/vrrpd-1.0/ipsecah.c:34:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char tk[16];

data/vrrpd-1.0/ipsecah.c:64:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(k_ipad,key,key_len);

data/vrrpd-1.0/ipsecah.c:65:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(k_opad,key,key_len);

data/vrrpd-1.0/libnetlink.c:137:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8192];

data/vrrpd-1.0/libnetlink.c:224:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8192];

data/vrrpd-1.0/libnetlink.c:301:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(answer, h, h->nlmsg_len);

data/vrrpd-1.0/libnetlink.c:311:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(answer, h, h->nlmsg_len);

data/vrrpd-1.0/libnetlink.c:339:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8192];

data/vrrpd-1.0/libnetlink.c:411:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8192];

data/vrrpd-1.0/libnetlink.c:474:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(RTA_DATA(rta), &data, 4);

data/vrrpd-1.0/libnetlink.c:489:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(RTA_DATA(rta), data, alen);

data/vrrpd-1.0/libnetlink.c:504:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(RTA_DATA(subrta), &data, 4);

data/vrrpd-1.0/libnetlink.c:519:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(RTA_DATA(subrta), data, alen);

data/vrrpd-1.0/ll_map.c:32:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char addr[8];

data/vrrpd-1.0/ll_map.c:33:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[16];

data/vrrpd-1.0/ll_map.c:79:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(im->addr, RTA_DATA(tb[IFLA_ADDRESS]), alen);

data/vrrpd-1.0/ll_map.c:104:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char nbuf[16];

data/vrrpd-1.0/ll_map.c:136:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char ncache[16];

data/vrrpd-1.0/md5.c:87:20: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define MD5_memcpy memcpy

data/vrrpd-1.0/md5.c:91:30: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define MD5_memcpy(_a,_b,_c) memcpy((_a), (_b),(_c))

data/vrrpd-1.0/md5.c:98:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char PADDING[64] = {

data/vrrpd-1.0/md5.c:196:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char digest[16]; /* message digest */

data/vrrpd-1.0/md5.c:199:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char bits[8];

data/vrrpd-1.0/md5.c:229:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char block[64];

data/vrrpd-1.0/md5.c:381:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    ((char *)output)[i] = (char)value;

data/vrrpd-1.0/md5.h:63:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buffer[64]; /* input buffer */

data/vrrpd-1.0/vrrpd.c:88:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char vrrp_hwaddr[6]; // WORK: lame hardcoded for ethernet

data/vrrpd-1.0/vrrpd.c:92:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char VridName[VRIDNAME_MAX+1]="vrrpd"; /* handy to have a name in the logs */

data/vrrpd-1.0/vrrpd.c:93:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char PidDir[FILENAME_MAX+1];

data/vrrpd-1.0/vrrpd.c:115:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *ifname[MAXINTS];

data/vrrpd-1.0/vrrpd.c:167:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char pidfile[FILENAME_MAX+1];

data/vrrpd-1.0/vrrpd.c:183:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *fOut = fopen( name, "w" );

data/vrrpd-1.0/vrrpd.c:214:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *fIn = fopen( name, "r" );

data/vrrpd-1.0/vrrpd.c:316:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( ifr.ifr_hwaddr.sa_data, addr, addrlen );

data/vrrpd-1.0/vrrpd.c:350:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( ifr.ifr_hwaddr.sa_data, addr, addrlen );

data/vrrpd-1.0/vrrpd.c:378:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( addr, ifr.ifr_hwaddr.sa_data, addrlen );

data/vrrpd-1.0/vrrpd.c:500:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(backup_auth_data,ah->auth_data,sizeof(ah->auth_data));

data/vrrpd-1.0/vrrpd.c:527:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    bcopy(buffer+i*sizeof(uint32_t),&ipbuf,sizeof(uint32_t));

data/vrrpd-1.0/vrrpd.c:690:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( eth->ether_shost, vrrp_hwaddr, sizeof(vrrp_hwaddr));

data/vrrpd-1.0/vrrpd.c:807:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(ah->auth_data,digest,HMAC_MD5_TRUNC);

data/vrrpd-1.0/vrrpd.c:856:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( pw, vif->auth_data, sizeof(vif->auth_data));

data/vrrpd-1.0/vrrpd.c:1101:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    vsrv->vrid = atoi( optarg );

data/vrrpd-1.0/vrrpd.c:1120:42: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    vsrv->orig_prio = vsrv->priority = atoi( optarg );

data/vrrpd-1.0/vrrpd.c:1127:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    vsrv->adver_int = atoi( optarg );

data/vrrpd-1.0/vrrpd.c:1141:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    vsrv->delt_prio = atoi( optarg );

data/vrrpd-1.0/vrrpd.c:1222:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( vrrp_hwaddr, vsrv->vif.hwaddr,sizeof(vsrv->vif.hwaddr));

data/vrrpd-1.0/vrrpd.c:1296:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char __ar_sha[ETH_ALEN]; /* Sender hardware address. */

data/vrrpd-1.0/vrrpd.c:1297:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char __ar_sip[4]; /* Sender IP address. */

data/vrrpd-1.0/vrrpd.c:1298:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char __ar_tha[ETH_ALEN]; /* Target hardware address. */

data/vrrpd-1.0/vrrpd.c:1299:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char __ar_tip[4]; /* Target IP address. */

data/vrrpd-1.0/vrrpd.c:1311:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( eth->ether_shost, hwaddr, hwlen );

data/vrrpd-1.0/vrrpd.c:1320:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( arph->__ar_sha, hwaddr, hwlen );

data/vrrpd-1.0/vrrpd.c:1322:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( arph->__ar_sip, &addr, sizeof(addr) );

data/vrrpd-1.0/vrrpd.c:1323:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( arph->__ar_tip, &addr, sizeof(addr) );

data/vrrpd-1.0/vrrpd.c:1338:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char temp_ipaddr[32];

data/vrrpd-1.0/vrrpd.h:82:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char hwaddr[6]; /* WORK: lame hardcoded for ethernet !!!! */

data/vrrpd-1.0/vrrpd.c:277:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

data/vrrpd-1.0/vrrpd.c:297:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

data/vrrpd-1.0/vrrpd.c:315:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

data/vrrpd-1.0/vrrpd.c:340:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

data/vrrpd-1.0/vrrpd.c:376:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

data/vrrpd-1.0/vrrpd.c:998:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(str);

data/vrrpd-1.0/vrrpd.c:1263:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    len = read( vsrv->sockfd, buf, buflen );

data/vrrpd-1.0/vrrpd.c:1808:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( ifr[i].ifr_name, ifname[i], IFNAMSIZ );

data/vrrpd-1.0/vrrpd.c:1826:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy( ifr_up.ifr_name, ifname[i], IFNAMSIZ );

ANALYSIS SUMMARY:

Hits = 86
Lines analyzed = 4043 in approximately 0.13 seconds (30151 lines/second)
Physical Source Lines of Code (SLOC) = 2621
Hits@level = [0] 119 [1] 9 [2] 70 [3] 1 [4] 6 [5] 0
Hits@level+ = [0+] 205 [1+] 86 [2+] 77 [3+] 7 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 78.2144 [1+] 32.8119 [2+] 29.3781 [3+] 2.67074 [4+] 2.2892 [5+] 0
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.