The following issues were found
collectors/python.d.plugin/alarms/alarms.chart.py
15 issues
Line: 8
Column: 1
from json import loads
from bases.FrameworkServices.UrlService import UrlService
update_every = 10
disabled_by_default = True
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: alarms netdata python.d module
# Author: andrewm4894
# SPDX-License-Identifier: GPL-3.0-or-later
from json import loads
from bases.FrameworkServices.UrlService import UrlService
Reported by Pylint.
Line: 10
Column: 1
from bases.FrameworkServices.UrlService import UrlService
update_every = 10
disabled_by_default = True
def charts_template(sm, alarm_status_chart_type='line'):
order = [
Reported by Pylint.
Line: 11
Column: 1
from bases.FrameworkServices.UrlService import UrlService
update_every = 10
disabled_by_default = True
def charts_template(sm, alarm_status_chart_type='line'):
order = [
'alarms',
Reported by Pylint.
Line: 14
Column: 1
disabled_by_default = True
def charts_template(sm, alarm_status_chart_type='line'):
order = [
'alarms',
'values'
]
Reported by Pylint.
Line: 14
Column: 1
disabled_by_default = True
def charts_template(sm, alarm_status_chart_type='line'):
order = [
'alarms',
'values'
]
Reported by Pylint.
Line: 23
Column: 1
mappings = ', '.join(['{0}={1}'.format(k, v) for k, v in sm.items()])
charts = {
'alarms': {
'options': [None, 'Alarms ({0})'.format(mappings), 'status', 'status', 'alarms.status', alarm_status_chart_type],
'lines': [],
'variables': [
['alarms_num'],
]
},
Reported by Pylint.
Line: 43
Column: 1
DEFAULT_ALARM_STATUS_CHART_TYPE = 'line'
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.sm = self.configuration.get('status_map', DEFAULT_STATUS_MAP)
self.alarm_status_chart_type = self.configuration.get('alarm_status_chart_type', DEFAULT_ALARM_STATUS_CHART_TYPE)
self.order, self.definitions = charts_template(self.sm, self.alarm_status_chart_type)
Reported by Pylint.
Line: 43
Column: 1
DEFAULT_ALARM_STATUS_CHART_TYPE = 'line'
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.sm = self.configuration.get('status_map', DEFAULT_STATUS_MAP)
self.alarm_status_chart_type = self.configuration.get('alarm_status_chart_type', DEFAULT_ALARM_STATUS_CHART_TYPE)
self.order, self.definitions = charts_template(self.sm, self.alarm_status_chart_type)
Reported by Pylint.
Line: 46
Column: 9
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.sm = self.configuration.get('status_map', DEFAULT_STATUS_MAP)
self.alarm_status_chart_type = self.configuration.get('alarm_status_chart_type', DEFAULT_ALARM_STATUS_CHART_TYPE)
self.order, self.definitions = charts_template(self.sm, self.alarm_status_chart_type)
self.url = self.configuration.get('url', DEFAULT_URL)
self.collect_alarm_values = bool(self.configuration.get('collect_alarm_values', DEFAULT_COLLECT_ALARM_VALUES))
self.collected_dims = {'alarms': set(), 'values': set()}
Reported by Pylint.
collectors/python.d.plugin/portcheck/portcheck.chart.py
15 issues
Line: 13
Column: 1
except ImportError:
from time import time
from bases.FrameworkServices.SimpleService import SimpleService
PORT_LATENCY = 'connect'
PORT_SUCCESS = 'success'
PORT_TIMEOUT = 'timeout'
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: simple port check netdata python.d module
# Original Author: ccremer (github.com/ccremer)
# SPDX-License-Identifier: GPL-3.0-or-later
import socket
try:
from time import monotonic as time
Reported by Pylint.
Line: 25
Column: 1
CHARTS = {
'latency': {
'options': [None, 'TCP connect latency', 'milliseconds', 'latency', 'portcheck.latency', 'line'],
'lines': [
[PORT_LATENCY, 'connect', 'absolute', 100, 1000]
]
},
'status': {
Reported by Pylint.
Line: 42
Column: 1
# Not deriving from SocketService, too much is different
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.host = self.configuration.get('host')
Reported by Pylint.
Line: 42
Column: 1
# Not deriving from SocketService, too much is different
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.host = self.configuration.get('host')
Reported by Pylint.
Line: 53
Column: 1
def check(self):
"""
Parse configuration, check if configuration is available, and dynamically create chart lines data
:return: boolean
"""
if self.host is None or self.port is None:
self.error('Host or port missing')
return False
Reported by Pylint.
Line: 63
Column: 1
self.error('"port" is not an integer. Specify a numerical value, not service name.')
return False
self.debug('Enabled portcheck: {host}:{port}, update every {update}s, timeout: {timeout}s'.format(
host=self.host, port=self.port, update=self.update_every, timeout=self.timeout
))
# We will accept any (valid-ish) configuration, even if initial connection fails (a service might be down from
# the beginning)
return True
Reported by Pylint.
Line: 66
Column: 1
self.debug('Enabled portcheck: {host}:{port}, update every {update}s, timeout: {timeout}s'.format(
host=self.host, port=self.port, update=self.update_every, timeout=self.timeout
))
# We will accept any (valid-ish) configuration, even if initial connection fails (a service might be down from
# the beginning)
return True
def _get_data(self):
"""
Reported by Pylint.
Line: 82
Column: 1
success = False
try:
for socket_config in socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM):
# use first working socket
sock = self._create_socket(socket_config)
if sock is not None:
self._connect2socket(data, socket_config, sock)
self._disconnect(sock)
Reported by Pylint.
Line: 102
Column: 9
return data
def _create_socket(self, socket_config):
af, sock_type, proto, _, sa = socket_config
try:
self.debug('Creating socket to "{address}", port {port}'.format(address=sa[0], port=sa[1]))
sock = socket.socket(af, sock_type, proto)
sock.settimeout(self.timeout)
return sock
Reported by Pylint.
collectors/proc.plugin/sys_class_infiniband.c
15 issues
Line: 410
Column: 5
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
// Gen filename allocation and concatenation
// Sizing: the result needs strlen(path) + 1 ('/') + strlen(#NAME) + 1 (NUL),
// which equals strlen(path) + sizeof(#NAME) + 1. The allocation requests
// strlen(path) + sizeof(#NAME) + 3, so both strcat() calls stay in bounds
// provided counters_path is not changed between the strlen() and the strcat().
// NOTE(review): strcat() onto the fresh buffer assumes callocz() returns
// zero-filled memory like calloc() - confirm against its definition.
#define GEN_DO_COUNTER_NAME(NAME, GRP, DESC, DIR, PORT, ...) \
PORT->file_##NAME = callocz(1, strlen(PORT->counters_path) + sizeof(#NAME) + 3); \
strcat(PORT->file_##NAME, PORT->counters_path); \
strcat(PORT->file_##NAME, "/" #NAME);
FOREACH_COUNTER(GEN_DO_COUNTER_NAME, p)
// Check HW Counters vendor dependent
DIR *hwcounters_dir = opendir(hwcounters_dirname);
Reported by FlawFinder.
Line: 411
Column: 5
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
// Builds "<counters_path>/<NAME>" in a freshly allocated buffer.
// Sizing: the result needs strlen(path) + sizeof(#NAME) + 1 bytes including
// the '/' and the NUL; strlen(path) + sizeof(#NAME) + 3 are requested, so the
// two strcat() calls cannot run past the allocation.
// NOTE(review): appending to the new buffer assumes callocz() zero-fills it
// like calloc() - confirm against its definition.
#define GEN_DO_COUNTER_NAME(NAME, GRP, DESC, DIR, PORT, ...) \
PORT->file_##NAME = callocz(1, strlen(PORT->counters_path) + sizeof(#NAME) + 3); \
strcat(PORT->file_##NAME, PORT->counters_path); \
strcat(PORT->file_##NAME, "/" #NAME);
FOREACH_COUNTER(GEN_DO_COUNTER_NAME, p)
// Check HW Counters vendor dependent
DIR *hwcounters_dir = opendir(hwcounters_dirname);
if (hwcounters_dir) {
Reported by FlawFinder.
Line: 426
Column: 5
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
// Allocate the chars to the filenames
// Sizing: "<hwcounters_path>/<NAME>" needs strlen(path) + 1 ('/') +
// strlen(#NAME) + 1 (NUL), which equals strlen(path) + sizeof(#NAME) + 1. The
// allocation requests strlen(path) + sizeof(#NAME) + 3, so both strcat() calls
// stay in bounds provided hwcounters_path is unchanged in between.
// NOTE(review): strcat() onto the fresh buffer assumes callocz() returns
// zero-filled memory like calloc() - confirm against its definition.
#define GEN_DO_HWCOUNTER_NAME(NAME, GRP, DESC, DIR, PORT, HW, ...) \
HW->file_##NAME = callocz(1, strlen(PORT->hwcounters_path) + sizeof(#NAME) + 3); \
strcat(HW->file_##NAME, PORT->hwcounters_path); \
strcat(HW->file_##NAME, "/" #NAME);
// VENDOR-MLX: Mellanox
if (strncmp(dev_dent->d_name, "mlx", 3) == 0) {
// Allocate the vendor specific struct
Reported by FlawFinder.
Line: 427
Column: 5
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
// Builds "<hwcounters_path>/<NAME>" in a freshly allocated buffer.
// Sizing: the result needs strlen(path) + sizeof(#NAME) + 1 bytes including
// the '/' and the NUL; strlen(path) + sizeof(#NAME) + 3 are requested, so the
// two strcat() calls cannot run past the allocation.
// NOTE(review): appending to the new buffer assumes callocz() zero-fills it
// like calloc() - confirm against its definition.
#define GEN_DO_HWCOUNTER_NAME(NAME, GRP, DESC, DIR, PORT, HW, ...) \
HW->file_##NAME = callocz(1, strlen(PORT->hwcounters_path) + sizeof(#NAME) + 3); \
strcat(HW->file_##NAME, PORT->hwcounters_path); \
strcat(HW->file_##NAME, "/" #NAME);
// VENDOR-MLX: Mellanox
if (strncmp(dev_dent->d_name, "mlx", 3) == 0) {
// Allocate the vendor specific struct
p->hwcounters_mlx = callocz(1, sizeof(struct ibporthw_mlx));
Reported by FlawFinder.
Line: 237
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
struct ibport *p;
char name[IBNAME_MAX + 1];
snprintfz(name, IBNAME_MAX, "%s-%s", dev, port);
// search it, resuming from the last position in sequence
for (p = ibport_last_used; p; p = p->next) {
if (unlikely(!strcmp(name, p->name))) {
Reported by FlawFinder.
Line: 267
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
p->chart_type_hwpackets = strdupz("infiniband_hwc_packets");
p->chart_type_hwerrors = strdupz("infiniband_hwc_errors");
char buffer[RRD_ID_LENGTH_MAX + 1];
snprintfz(buffer, RRD_ID_LENGTH_MAX, "ib_cntbytes_%s", p->name);
p->chart_id_bytes = strdupz(buffer);
snprintfz(buffer, RRD_ID_LENGTH_MAX, "ib_cntpackets_%s", p->name);
p->chart_id_packets = strdupz(buffer);
Reported by FlawFinder.
Line: 310
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static long long int dt_to_refresh_ports = 0, last_refresh_ports_usec = 0;
if (unlikely(enable_new_ports == -1)) {
char dirname[FILENAME_MAX + 1];
snprintfz(dirname, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/sys/class/infiniband");
sys_class_infiniband_dirname =
config_get(CONFIG_SECTION_PLUGIN_SYS_CLASS_INFINIBAND, "dirname to monitor", dirname);
Reported by FlawFinder.
Line: 355
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
continue;
// /sys/class/infiniband/<dev>/ports
char ports_dirname[FILENAME_MAX + 1];
snprintfz(ports_dirname, FILENAME_MAX, "%s/%s/%s", sys_class_infiniband_dirname, dev_dent->d_name, "ports");
DIR *ports_dir = opendir(ports_dirname);
if (unlikely(!ports_dir))
continue;
Reported by FlawFinder.
Line: 368
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!strcmp(port_dent->d_name, "..") || !strcmp(port_dent->d_name, "."))
continue;
char buffer[FILENAME_MAX + 1];
// Check if counters are available (mandatory)
// /sys/class/infiniband/<device>/ports/<port>/counters
char counters_dirname[FILENAME_MAX + 1];
snprintfz(counters_dirname, FILENAME_MAX, "%s/%s/%s", ports_dirname, port_dent->d_name, "counters");
Reported by FlawFinder.
Line: 372
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Check if counters are available (mandatory)
// /sys/class/infiniband/<device>/ports/<port>/counters
char counters_dirname[FILENAME_MAX + 1];
snprintfz(counters_dirname, FILENAME_MAX, "%s/%s/%s", ports_dirname, port_dent->d_name, "counters");
DIR *counters_dir = opendir(counters_dirname);
// Standard counters are mandatory
if (!counters_dir)
continue;
Reported by FlawFinder.
collectors/ebpf.plugin/ebpf.c
15 issues
Line: 1083
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
void set_global_variables()
{
// Get environment variables
ebpf_plugin_dir = getenv("NETDATA_PLUGINS_DIR");
if (!ebpf_plugin_dir)
ebpf_plugin_dir = PLUGINS_DIR;
ebpf_user_config_dir = getenv("NETDATA_USER_CONFIG_DIR");
if (!ebpf_user_config_dir)
Reported by FlawFinder.
Line: 1087
Column: 28
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!ebpf_plugin_dir)
ebpf_plugin_dir = PLUGINS_DIR;
ebpf_user_config_dir = getenv("NETDATA_USER_CONFIG_DIR");
if (!ebpf_user_config_dir)
ebpf_user_config_dir = CONFIG_DIR;
ebpf_stock_config_dir = getenv("NETDATA_STOCK_CONFIG_DIR");
if (!ebpf_stock_config_dir)
Reported by FlawFinder.
Line: 1091
Column: 29
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!ebpf_user_config_dir)
ebpf_user_config_dir = CONFIG_DIR;
ebpf_stock_config_dir = getenv("NETDATA_STOCK_CONFIG_DIR");
if (!ebpf_stock_config_dir)
ebpf_stock_config_dir = LIBCONFIG_DIR;
ebpf_configured_log_dir = getenv("NETDATA_LOG_DIR");
if (!ebpf_configured_log_dir)
Reported by FlawFinder.
Line: 1095
Column: 31
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (!ebpf_stock_config_dir)
ebpf_stock_config_dir = LIBCONFIG_DIR;
ebpf_configured_log_dir = getenv("NETDATA_LOG_DIR");
if (!ebpf_configured_log_dir)
ebpf_configured_log_dir = LOG_DIR;
ebpf_nprocs = (int)sysconf(_SC_NPROCESSORS_ONLN);
if (ebpf_nprocs > NETDATA_MAX_PROCESSOR) {
Reported by FlawFinder.
Line: 1150
Column: 17
CWE codes:
120
20
Suggestion:
Check implementation on installation, or limit the size of all string inputs
}
while (1) {
int c = getopt_long(argc, argv, "hvgacdnprsw", long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 'h': {
Reported by FlawFinder.
Line: 68
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
.rwlock = AVL_LOCK_INITIALIZER } };
int running_on_kernel = 0;
char kernel_string[64];
int ebpf_nprocs;
static int isrh;
uint32_t finalized_threads = 1;
pthread_mutex_t lock;
Reported by FlawFinder.
Line: 792
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int family = ifa->ifa_addr->sa_family;
w->ver = (uint8_t) family;
char text[INET6_ADDRSTRLEN];
if (family == AF_INET) {
struct sockaddr_in *in = (struct sockaddr_in*) ifa->ifa_addr;
w->first.addr32[0] = in->sin_addr.s_addr;
w->last.addr32[0] = in->sin_addr.s_addr;
Reported by FlawFinder.
Line: 809
Column: 13
CWE codes:
120
Suggestion:
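Make sure destination can always hold the source data. Separately from the memcpy() sizes, the inet_ntop(AF_INET6, ...) call in this excerpt passes INET_ADDRSTRLEN as the buffer size. That cannot overflow `text` if it is the INET6_ADDRSTRLEN array shown in the line-792 excerpt, but inet_ntop() returns NULL for any IPv6 address whose text form does not fit in INET_ADDRSTRLEN bytes, so INET6_ADDRSTRLEN or sizeof(text) is the size to pass.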
} else {
struct sockaddr_in6 *in6 = (struct sockaddr_in6*) ifa->ifa_addr;
memcpy(w->first.addr8, (void *)&in6->sin6_addr, sizeof(struct in6_addr));
memcpy(w->last.addr8, (void *)&in6->sin6_addr, sizeof(struct in6_addr));
if (inet_ntop(AF_INET6, w->first.addr8, text, INET_ADDRSTRLEN)) {
w->value = strdupz(text);
w->hash = simple_hash(text);
Reported by FlawFinder.
Line: 810
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
struct sockaddr_in6 *in6 = (struct sockaddr_in6*) ifa->ifa_addr;
memcpy(w->first.addr8, (void *)&in6->sin6_addr, sizeof(struct in6_addr));
memcpy(w->last.addr8, (void *)&in6->sin6_addr, sizeof(struct in6_addr));
if (inet_ntop(AF_INET6, w->first.addr8, text, INET_ADDRSTRLEN)) {
w->value = strdupz(text);
w->hash = simple_hash(text);
} else {
Reported by FlawFinder.
Line: 1062
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
static int load_collector_config(char *path, int *disable_apps)
{
char lpath[4096];
snprintf(lpath, 4095, "%s/%s", path, NETDATA_EBPF_CONFIG_FILE);
if (!appconfig_load(&collector_config, lpath, 0, NULL)) {
snprintf(lpath, 4095, "%s/%s", path, NETDATA_EBPF_OLD_CONFIG_FILE);
if (!appconfig_load(&collector_config, lpath, 0, NULL)) {
Reported by FlawFinder.
collectors/python.d.plugin/redis/redis.chart.py
15 issues
Line: 10
Column: 1
import re
from copy import deepcopy
from bases.FrameworkServices.SocketService import SocketService
REDIS_ORDER = [
'operations',
'hit_rate',
'memory',
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: redis netdata python.d module
# Author: Pawel Krupa (paulfantom)
# Author: Ilya Mashchenko (ilyam8)
# SPDX-License-Identifier: GPL-3.0-or-later
import re
from copy import deepcopy
Reported by Pylint.
Line: 89
Column: 1
]
},
'connections': {
'options': [None, 'Connections', 'connections/s', 'connections', 'redis.connections', 'line'],
'lines': [
['total_connections_received', 'received', 'incremental', 1],
['rejected_connections', 'rejected', 'incremental', -1]
]
},
Reported by Pylint.
Line: 138
Column: 1
}
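def copy_chart(name):
    """Return a single-entry dict ``{name: chart}`` with a deep copy of ``CHARTS[name]``.

    The deep copy means the returned definition shares no nested objects with
    the module-level CHARTS entry, so changing one does not affect the other.
    A name that is missing from CHARTS propagates the lookup error unchanged.
    """
    return {name: deepcopy(CHARTS[name])}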
RE = re.compile(r'\n([a-z_0-9 ]+):(?:keys=)?([^,\r]+)')
Reported by Pylint.
Line: 145
Column: 1
RE = re.compile(r'\n([a-z_0-9 ]+):(?:keys=)?([^,\r]+)')
class Service(SocketService):
def __init__(self, configuration=None, name=None):
SocketService.__init__(self, configuration=configuration, name=name)
self.order = list()
self.definitions = dict()
self._keep_alive = True
Reported by Pylint.
Line: 145
Column: 1
RE = re.compile(r'\n([a-z_0-9 ]+):(?:keys=)?([^,\r]+)')
class Service(SocketService):
def __init__(self, configuration=None, name=None):
SocketService.__init__(self, configuration=configuration, name=name)
self.order = list()
self.definitions = dict()
self._keep_alive = True
Reported by Pylint.
Line: 154
Column: 9
self.host = self.configuration.get('host', 'localhost')
self.port = self.configuration.get('port', 6379)
self.unix_socket = self.configuration.get('socket')
p = self.configuration.get('pass')
self.auth_request = 'AUTH {0} \r\n'.format(p).encode() if p else None
self.request = 'INFO\r\n'.encode()
self.bgsave_time = 0
self.keyspace_dbs = set()
Reported by Pylint.
Line: 160
Column: 5
self.bgsave_time = 0
self.keyspace_dbs = set()
def do_auth(self):
resp = self._get_raw_data(request=self.auth_request)
if not resp:
return False
if resp.strip() != '+OK':
self.error('invalid password')
Reported by Pylint.
Line: 169
Column: 5
return False
return True
def get_raw_and_parse(self):
if self.auth_request and not self.do_auth():
return None
resp = self._get_raw_data()
Reported by Pylint.
Line: 201
Column: 5
return data
@staticmethod
def calc_hit_rate(data):
try:
hits = int(data['keyspace_hits'])
misses = int(data['keyspace_misses'])
data['hit_rate'] = hits * 100 / (hits + misses)
except (KeyError, ZeroDivisionError):
Reported by Pylint.
web/server/web_client.c
15 issues
Line: 377
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
// find the physical file on disk
char webfilename[FILENAME_MAX + 1];
snprintfz(webfilename, FILENAME_MAX, "%s/%s", netdata_configured_web_dir, filename);
struct stat statbuf;
int done = 0;
while(!done) {
Reported by FlawFinder.
Line: 418
Column: 14
CWE codes:
362
}
// open the file
w->ifd = open(webfilename, O_NONBLOCK, O_RDONLY);
if(w->ifd == -1) {
w->ifd = w->ofd;
if(errno == EBUSY || errno == EAGAIN) {
error("%llu: File '%s' is busy, sending 307 Moved Temporarily to force retry.", w->id, webfilename);
Reported by FlawFinder.
Line: 861
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
w->header_parse_last_size = 0;
web_client_disable_wait_receive(w);
char hostname[256];
char *copyme = strstr(s,"hostname=");
if ( copyme ){
copyme += 9;
char *end = strchr(copyme,'&');
if(end){
Reported by FlawFinder.
Line: 868
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
char *end = strchr(copyme,'&');
if(end){
size_t length = MIN(255, end - copyme);
memcpy(hostname,copyme,length);
hostname[length] = 0X00;
}
else{
memcpy(hostname,"not available",13);
hostname[13] = 0x00;
Reported by FlawFinder.
Line: 872
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
hostname[length] = 0X00;
}
else{
memcpy(hostname,"not available",13);
hostname[13] = 0x00;
}
}
else{
memcpy(hostname,"not available",13);
Reported by FlawFinder.
Line: 877
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
}
else{
memcpy(hostname,"not available",13);
hostname[13] = 0x00;
}
error("The server is configured to always use encrypted connections, please enable the SSL on child with hostname '%s'.",hostname);
s = NULL;
}
Reported by FlawFinder.
Line: 1036
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
//Variables used to map the variables in the query string case it is present
int total_variables;
char *ptr_variables[WEB_FIELDS_MAX];
// make sure we have complete request
// complete requests contain: \r\n\r\n
while(*s) {
// find a line feed
Reported by FlawFinder.
Line: 1158
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *code_msg = web_response_code_to_string(w->response.code);
// prepare the last modified and expiration dates
char date[32], edate[32];
{
struct tm tmbuf, *tm;
tm = gmtime_r(&w->response.data->date, &tmbuf);
strftime(date, sizeof(date), "%a, %d %b %Y %H:%M:%S %Z", tm);
Reported by FlawFinder.
Line: 1523
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#endif /* NETDATA_INTERNAL_CHECKS */
}
char filename[FILENAME_MAX+1];
url = filename;
strncpyz(filename, w->last_url, FILENAME_MAX);
tok = mystrsep(&url, "?");
buffer_flush(w->response.data);
return mysendfile(w, (tok && *tok)?tok:"/");
Reported by FlawFinder.
Line: 1586
Column: 17
CWE codes:
120
Suggestion:
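Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). In this excerpt the source is the 15-character literal "too big request", so the copy is in bounds only if w->last_url holds at least 16 bytes; its declaration is not shown here.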
case HTTP_VALIDATION_INCOMPLETE:
if(w->response.data->len > NETDATA_WEB_REQUEST_MAX_SIZE) {
strcpy(w->last_url, "too big request");
debug(D_WEB_CLIENT_ACCESS, "%llu: Received request is too big (%zu bytes).", w->id, w->response.data->len);
buffer_flush(w->response.data);
buffer_sprintf(w->response.data, "Received request is too big (%zu bytes).\r\n", w->response.data->len);
Reported by FlawFinder.
collectors/python.d.plugin/traefik/traefik.chart.py
14 issues
Line: 9
Column: 1
from collections import defaultdict
from json import loads
from bases.FrameworkServices.UrlService import UrlService
ORDER = [
'response_statuses',
'response_codes',
'detailed_response_codes',
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: traefik netdata python.d module
# Author: Alexandre Menezes (@ale_menezes)
# SPDX-License-Identifier: GPL-3.0-or-later
from collections import defaultdict
from json import loads
from bases.FrameworkServices.UrlService import UrlService
Reported by Pylint.
Line: 24
Column: 1
CHARTS = {
'response_statuses': {
'options': [None, 'Response statuses', 'requests/s', 'responses', 'traefik.response_statuses', 'stacked'],
'lines': [
['successful_requests', 'success', 'incremental'],
['server_errors', 'error', 'incremental'],
['redirects', 'redirect', 'incremental'],
['bad_requests', 'bad', 'incremental'],
Reported by Pylint.
Line: 34
Column: 1
]
},
'response_codes': {
'options': [None, 'Responses by codes', 'requests/s', 'responses', 'traefik.response_codes', 'stacked'],
'lines': [
['2xx', None, 'incremental'],
['5xx', None, 'incremental'],
['3xx', None, 'incremental'],
['4xx', None, 'incremental'],
Reported by Pylint.
Line: 45
Column: 1
]
},
'detailed_response_codes': {
'options': [None, 'Detailed response codes', 'requests/s', 'responses', 'traefik.detailed_response_codes',
'stacked'],
'lines': []
},
'requests': {
'options': [None, 'Requests', 'requests/s', 'requests', 'traefik.requests', 'line'],
Reported by Pylint.
Line: 56
Column: 1
]
},
'total_response_time': {
'options': [None, 'Total response time', 'seconds', 'timings', 'traefik.total_response_time', 'line'],
'lines': [
['total_response_time_sec', 'response', 'absolute', 1, 10000]
]
},
'average_response_time': {
Reported by Pylint.
Line: 62
Column: 1
]
},
'average_response_time': {
'options': [None, 'Average response time', 'milliseconds', 'timings', 'traefik.average_response_time', 'line'],
'lines': [
['average_response_time_sec', 'response', 'absolute', 1, 1000]
]
},
'average_response_time_per_iteration': {
Reported by Pylint.
Line: 91
Column: 1
]
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.url = self.configuration.get('url', 'http://localhost:8080/health')
self.order = ORDER
self.definitions = CHARTS
Reported by Pylint.
Line: 143
Column: 5
return self.data or None
def get_data_per_code_status(self, raw_data):
data = defaultdict(int)
for code, value in raw_data['total_status_code_count'].items():
code_prefix = code[0]
if code_prefix == '1' or code_prefix == '2' or code == '304':
data['successful_requests'] += value
Reported by Pylint.
Line: 159
Column: 5
data['other_requests'] += value
self.data.update(data)
def get_data_per_code_family(self, raw_data):
data = defaultdict(int)
for code, value in raw_data['total_status_code_count'].items():
code_prefix = code[0]
if code_prefix == '1':
data['1xx'] += value
Reported by Pylint.
daemon/daemon.c
14 issues
Line: 53
Column: 12
CWE codes:
362
Suggestion:
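Use fchown() instead: chown() resolves the path a second time, so the directory could be replaced (for example by a symlink) between its creation and the ownership change, whereas fchown() acts on an already opened descriptor.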
// we created it
// chown it to match the required user
if(chown(dir, uid, gid) == -1)
error("Cannot chown directory '%s' to %u:%u", dir, (unsigned int)uid, (unsigned int)gid);
}
else if(errno != EEXIST)
// log an error only if the directory does not exist
error("Cannot create directory '%s'", dir);
Reported by FlawFinder.
Line: 97
Column: 12
CWE codes:
362
Suggestion:
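Use fchown() instead: chown() looks the pidfile path up again at call time, so ownership goes to whatever the path names at that moment, whereas fchown() on the descriptor of the file that was actually opened closes that window.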
clean_directory(netdata_configured_lock_dir);
if(pidfile[0]) {
if(chown(pidfile, uid, gid) == -1)
error("Cannot chown '%s' to %u:%u", pidfile, (unsigned int)uid, (unsigned int)gid);
}
int ngroups = (int)sysconf(_SC_NGROUPS_MAX);
gid_t *supplementary_groups = NULL;
Reported by FlawFinder.
Line: 190
Column: 15
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
// check the environment
char *s = getenv("OOMScoreAdjust");
if(!s || !*s) {
snprintfz(buf, 30, "%d", (int)wanted_score);
s = buf;
}
Reported by FlawFinder.
Line: 6
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "common.h"
#include <sched.h>
char pidfile[FILENAME_MAX + 1] = "";
char claimingdirectory[FILENAME_MAX + 1];
char exepath[FILENAME_MAX + 1];
void get_netdata_execution_path(void)
{
Reported by FlawFinder.
Line: 7
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include <sched.h>
char pidfile[FILENAME_MAX + 1] = "";
char claimingdirectory[FILENAME_MAX + 1];
char exepath[FILENAME_MAX + 1];
void get_netdata_execution_path(void)
{
int ret;
Reported by FlawFinder.
Line: 8
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char pidfile[FILENAME_MAX + 1] = "";
char claimingdirectory[FILENAME_MAX + 1];
char exepath[FILENAME_MAX + 1];
void get_netdata_execution_path(void)
{
int ret;
size_t exepath_size = 0;
Reported by FlawFinder.
Line: 175
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#endif
static void oom_score_adj(void) {
char buf[30 + 1];
long long int old_score, wanted_score = OOM_SCORE_ADJ_MAX, final_score = 0;
// read the existing score
if(read_single_signed_number_file("/proc/self/oom_score_adj", &old_score)) {
error("Out-Of-Memory (OOM) score setting is not supported on this system.");
Reported by FlawFinder.
Line: 225
Column: 14
CWE codes:
362
}
int written = 0;
int fd = open("/proc/self/oom_score_adj", O_WRONLY);
if(fd != -1) {
snprintfz(buf, 30, "%d", (int)wanted_score);
ssize_t len = strlen(buf);
if(len > 0 && write(fd, buf, (size_t)len) == len) written = 1;
close(fd);
Reported by FlawFinder.
Line: 459
Column: 17
CWE codes:
362
// generate our pid file
int pidfd = -1;
if(pidfile[0]) {
pidfd = open(pidfile, O_WRONLY | O_CREAT, 0644);
if(pidfd >= 0) {
if(ftruncate(pidfd, 0) != 0)
error("Cannot truncate pidfile '%s'.", pidfile);
char b[100];
Reported by FlawFinder.
Line: 464
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if(ftruncate(pidfd, 0) != 0)
error("Cannot truncate pidfile '%s'.", pidfile);
char b[100];
sprintf(b, "%d\n", getpid());
ssize_t i = write(pidfd, b, strlen(b));
if(i <= 0)
error("Cannot write pidfile '%s'.", pidfile);
}
Reported by FlawFinder.
collectors/python.d.plugin/phpfpm/phpfpm.chart.py
14 issues
Line: 10
Column: 1
import json
import re
from bases.FrameworkServices.UrlService import UrlService
REGEX = re.compile(r'([a-z][a-z ]+): ([\d.]+)')
POOL_INFO = [
('active processes', 'active'),
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: PHP-FPM netdata python.d module
# Author: Pawel Krupa (paulfantom)
# Author: Ilya Mashchenko (ilyam8)
# SPDX-License-Identifier: GPL-3.0-or-later
import json
import re
Reported by Pylint.
Line: 30
Column: 1
]
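def average(collection):
    """Return the arithmetic mean of *collection* as a float.

    An empty collection yields 0.0 rather than raising ZeroDivisionError,
    because the divisor is clamped to at least 1.
    """
    # Seeding the sum with 0.0 makes the total a float, so the division below
    # is never integer division.
    return sum(collection, 0.0) / max(len(collection), 1)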
CALC = [
('min', min),
Reported by Pylint.
Line: 51
Column: 1
CHARTS = {
'connections': {
'options': [None, 'PHP-FPM Active Connections', 'connections', 'active connections', 'phpfpm.connections',
'line'],
'lines': [
['active'],
['maxActive', 'max active'],
['idle']
Reported by Pylint.
Line: 66
Column: 1
]
},
'performance': {
'options': [None, 'PHP-FPM Performance', 'status', 'performance', 'phpfpm.performance', 'line'],
'lines': [
['reached', 'max children reached'],
['slow', 'slow requests']
]
},
Reported by Pylint.
Line: 73
Column: 1
]
},
'request_duration': {
'options': [None, 'PHP-FPM Requests Duration Among All Idle Processes', 'milliseconds', 'request duration',
'phpfpm.request_duration',
'line'],
'lines': [
['minReqDur', 'min', 'absolute', 1, 1000],
['maxReqDur', 'max', 'absolute', 1, 1000],
Reported by Pylint.
Line: 83
Column: 1
]
},
'request_cpu': {
'options': [None, 'PHP-FPM Last Request CPU Usage Among All Idle Processes', 'percentage', 'request CPU',
'phpfpm.request_cpu', 'line'],
'lines': [
['minReqCpu', 'min'],
['maxReqCpu', 'max'],
['avgReqCpu', 'avg']
Reported by Pylint.
Line: 92
Column: 1
]
},
'request_mem': {
'options': [None, 'PHP-FPM Last Request Memory Usage Among All Idle Processes', 'KB', 'request memory',
'phpfpm.request_mem', 'line'],
'lines': [
['minReqMem', 'min', 'absolute', 1, 1024],
['maxReqMem', 'max', 'absolute', 1, 1024],
['avgReqMem', 'avg', 'absolute', 1, 1024]
Reported by Pylint.
Line: 103
Column: 1
}
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.url = self.configuration.get('url', 'http://localhost/status?full&json')
Reported by Pylint.
Line: 103
Column: 1
}
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.url = self.configuration.get('url', 'http://localhost/status?full&json')
Reported by Pylint.
database/sqlite/sqlite_functions.c
14 issues
Line: 800
Column: 9
CWE codes:
120
Suggestion:
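Use sprintf_s, snprintf, or vsnprintf. In the excerpt below, sprintf() formats two sqlite3_column_text() values into the 512-byte id buffer with no length limit; a bounded call such as snprintf(id, sizeof(id), ...) caps the write at the buffer size.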
while (sqlite3_step(res_chart) == SQLITE_ROW) {
char id[512];
sprintf(id, "%s.%s", sqlite3_column_text(res_chart, 3), sqlite3_column_text(res_chart, 1));
RRDSET *st = rrdset_find(host, id);
if (st && !rrdset_flag_check(st, RRDSET_FLAG_ARCHIVED))
continue;
if (c)
Reported by FlawFinder.
Line: 1255
Column: 9
CWE codes:
120
Suggestion:
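Use sprintf_s, snprintf, or vsnprintf. In the excerpt below, sprintf() formats two sqlite3_column_text() values into the 512-byte id buffer with no length limit; a bounded call such as snprintf(id, sizeof(id), ...) caps the write at the buffer size.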
while (sqlite3_step(res) == SQLITE_ROW) {
char id[512];
sprintf(id, "%s.%s", sqlite3_column_text(res, 3), sqlite3_column_text(res, 1));
if (!st || uuid_compare(*(uuid_t *)sqlite3_column_blob(res, 7), chart_id)) {
if (unlikely(st && !st->counter)) {
freez(st->context);
freez((char *) st->name);
Reported by FlawFinder.
Line: 165
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int sql_init_database(void)
{
char *err_msg = NULL;
char sqlite_database[FILENAME_MAX + 1];
int rc;
fatal_assert(0 == uv_mutex_init(&sqlite_transaction_lock));
snprintfz(sqlite_database, FILENAME_MAX, "%s/netdata-meta.db", netdata_configured_cache_dir);
Reported by FlawFinder.
Line: 308
Column: 5
CWE codes:
119
120
Suggestion:
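Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The fixed-size buffer in this excerpt is uuid_str[GUID_LEN + 1], filled by uuid_unparse_lower(), which writes a 36-character UUID string plus a terminating NUL; the buffer is large enough provided GUID_LEN is at least 36 (its definition is not shown in this excerpt).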
int rc;
#ifdef NETDATA_INTERNAL_CHECKS
char uuid_str[GUID_LEN + 1];
uuid_unparse_lower(*dimension_uuid, uuid_str);
debug(D_METADATALOG,"Deleting dimension uuid %s", uuid_str);
#endif
if (unlikely(!res)) {
Reported by FlawFinder.
Line: 384
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
error_report("Failed to reset statement when searching for a chart UUID, rc = %d", rc);
#ifdef NETDATA_INTERNAL_CHECKS
char uuid_str[GUID_LEN + 1];
if (likely(uuid)) {
uuid_unparse_lower(*uuid, uuid_str);
debug(D_METADATALOG, "Found UUID %s for chart %s.%s", uuid_str, type, name ? name : id);
}
else
Reported by FlawFinder.
Line: 425
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uuid_generate(*uuid);
#ifdef NETDATA_INTERNAL_CHECKS
char uuid_str[GUID_LEN + 1];
uuid_unparse_lower(*uuid, uuid_str);
debug(D_METADATALOG,"Generating uuid [%s] for chart %s under host %s", uuid_str, st->id, st->rrdhost->hostname);
#endif
rc = update_chart_metadata(uuid, st, id, name);
Reported by FlawFinder.
Line: 799
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t dimensions = 0;
while (sqlite3_step(res_chart) == SQLITE_ROW) {
char id[512];
sprintf(id, "%s.%s", sqlite3_column_text(res_chart, 3), sqlite3_column_text(res_chart, 1));
RRDSET *st = rrdset_find(host, id);
if (st && !rrdset_flag_check(st, RRDSET_FLAG_ARCHIVED))
continue;
Reported by FlawFinder.
Line: 954
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
goto failed;
}
char uuid_str[GUID_LEN + 1];
uuid_unparse_lower(*((uuid_t *) sqlite3_column_blob(res, 0)), uuid_str);
host = callocz(1, sizeof(RRDHOST));
set_host_properties(host, sqlite3_column_int(res, 2), RRD_MEMORY_MODE_DBENGINE, hostname,
Reported by FlawFinder.
Line: 1248
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
RRDSET *st = NULL;
char machine_guid[GUID_LEN + 1];
uuid_unparse_lower(host->host_uuid, machine_guid);
uuid_t rrdeng_uuid;
uuid_t chart_id;
while (sqlite3_step(res) == SQLITE_ROW) {
Reported by FlawFinder.
Line: 1254
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uuid_t chart_id;
while (sqlite3_step(res) == SQLITE_ROW) {
char id[512];
sprintf(id, "%s.%s", sqlite3_column_text(res, 3), sqlite3_column_text(res, 1));
if (!st || uuid_compare(*(uuid_t *)sqlite3_column_blob(res, 7), chart_id)) {
if (unlikely(st && !st->counter)) {
freez(st->context);
Reported by FlawFinder.