The following issues were found
collectors/proc.plugin/proc_pagetypeinfo.c
7 issues
Line: 75
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Handle
static procfile *ff = NULL;
static char ff_path[FILENAME_MAX + 1];
// RRD Sets
static RRDSET *st_order = NULL;
static RRDSET **st_nodezonetype = NULL;
Reported by FlawFinder.
Line: 213
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
, RRDSET_TYPE_STACKED
);
for (o = 0; o < pageorders_cnt; o++) {
char id[3+1];
snprintfz(id, 3, "%lu", o);
char name[20+1];
dim_name(name, o, pagesize);
Reported by FlawFinder.
Line: 216
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char id[3+1];
snprintfz(id, 3, "%lu", o);
char name[20+1];
dim_name(name, o, pagesize);
systemorders[o].rd = rrddim_add(st_order, id, name, pagesize, 1, RRD_ALGORITHM_ABSOLUTE);
}
}
Reported by FlawFinder.
Line: 236
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
continue;
// "pagetype Node" + NUMA-NodeId + ZoneName + TypeName
char setid[13+1+2+1+MAX_ZONETYPE_NAME+1+MAX_PAGETYPE_NAME+1];
snprintfz(setid, 13+1+2+1+MAX_ZONETYPE_NAME+1+MAX_PAGETYPE_NAME, "pagetype_Node%d_%s_%s", pgl->node, pgl->zone, pgl->type);
// Skip explicitly refused charts
if (simple_pattern_matches(filter_types, setid))
continue;
Reported by FlawFinder.
Line: 244
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
continue;
// "Node" + NUMA-NodeID + ZoneName + TypeName
char setname[4+1+MAX_ZONETYPE_NAME+1+MAX_PAGETYPE_NAME +1];
snprintfz(setname, MAX_ZONETYPE_NAME + MAX_PAGETYPE_NAME, "Node %d %s %s",
pgl->node, pgl->zone, pgl->type);
st_nodezonetype[p] = rrdset_create_localhost(
"mem"
Reported by FlawFinder.
Line: 263
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
, RRDSET_TYPE_STACKED
);
for (o = 0; o < pageorders_cnt; o++) {
char dimid[3+1];
snprintfz(dimid, 3, "%lu", o);
char dimname[20+1];
dim_name(dimname, o, pagesize);
pgl->rd[o] = rrddim_add(st_nodezonetype[p], dimid, dimname, pagesize, 1, RRD_ALGORITHM_ABSOLUTE);
Reported by FlawFinder.
Line: 265
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (o = 0; o < pageorders_cnt; o++) {
char dimid[3+1];
snprintfz(dimid, 3, "%lu", o);
char dimname[20+1];
dim_name(dimname, o, pagesize);
pgl->rd[o] = rrddim_add(st_nodezonetype[p], dimid, dimname, pagesize, 1, RRD_ALGORITHM_ABSOLUTE);
}
}
Reported by FlawFinder.
database/engine/rrdengineapi.c
7 issues
Line: 22
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void rrdeng_generate_legacy_uuid(const char *dim_id, char *chart_id, uuid_t *ret_uuid)
{
EVP_MD_CTX *evpctx;
unsigned char hash_value[EVP_MAX_MD_SIZE];
unsigned int hash_len;
evpctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(evpctx, EVP_sha256(), NULL);
EVP_DigestUpdate(evpctx, dim_id, strlen(dim_id));
Reported by FlawFinder.
Line: 32
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
EVP_DigestFinal_ex(evpctx, hash_value, &hash_len);
EVP_MD_CTX_destroy(evpctx);
fatal_assert(hash_len > sizeof(uuid_t));
memcpy(ret_uuid, hash_value, sizeof(uuid_t));
}
/* Transform legacy UUID to be unique across hosts deterministically */
void rrdeng_convert_legacy_uuid_to_multihost(char machine_guid[GUID_LEN + 1], uuid_t *legacy_uuid, uuid_t *ret_uuid)
{
Reported by FlawFinder.
Line: 36
Column: 46
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
/* Transform legacy UUID to be unique across hosts deterministically */
void rrdeng_convert_legacy_uuid_to_multihost(char machine_guid[GUID_LEN + 1], uuid_t *legacy_uuid, uuid_t *ret_uuid)
{
EVP_MD_CTX *evpctx;
unsigned char hash_value[EVP_MAX_MD_SIZE];
unsigned int hash_len;
Reported by FlawFinder.
Line: 39
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void rrdeng_convert_legacy_uuid_to_multihost(char machine_guid[GUID_LEN + 1], uuid_t *legacy_uuid, uuid_t *ret_uuid)
{
EVP_MD_CTX *evpctx;
unsigned char hash_value[EVP_MAX_MD_SIZE];
unsigned int hash_len;
evpctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(evpctx, EVP_sha256(), NULL);
EVP_DigestUpdate(evpctx, machine_guid, GUID_LEN);
Reported by FlawFinder.
Line: 49
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
EVP_DigestFinal_ex(evpctx, hash_value, &hash_len);
EVP_MD_CTX_destroy(evpctx);
fatal_assert(hash_len > sizeof(uuid_t));
memcpy(ret_uuid, hash_value, sizeof(uuid_t));
}
void rrdeng_metric_init(RRDDIM *rd)
{
struct page_cache *pg_cache;
Reported by FlawFinder.
Line: 27
Column: 38
CWE codes:
126
evpctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(evpctx, EVP_sha256(), NULL);
EVP_DigestUpdate(evpctx, dim_id, strlen(dim_id));
EVP_DigestUpdate(evpctx, chart_id, strlen(chart_id));
EVP_DigestFinal_ex(evpctx, hash_value, &hash_len);
EVP_MD_CTX_destroy(evpctx);
fatal_assert(hash_len > sizeof(uuid_t));
memcpy(ret_uuid, hash_value, sizeof(uuid_t));
Reported by FlawFinder.
Line: 28
Column: 40
CWE codes:
126
evpctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(evpctx, EVP_sha256(), NULL);
EVP_DigestUpdate(evpctx, dim_id, strlen(dim_id));
EVP_DigestUpdate(evpctx, chart_id, strlen(chart_id));
EVP_DigestFinal_ex(evpctx, hash_value, &hash_len);
EVP_MD_CTX_destroy(evpctx);
fatal_assert(hash_len > sizeof(uuid_t));
memcpy(ret_uuid, hash_value, sizeof(uuid_t));
}
Reported by FlawFinder.
database/rrddim.c
7 issues
Line: 346
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
rd->memsize = size;
strcpy(rd->magic, RRDDIMENSION_MAGIC);
rd->id = strdupz(id);
rd->hash = simple_hash(rd->id);
rd->cache_filename = strdupz(fullfilename);
Reported by FlawFinder.
Line: 72
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
debug(D_RRD_CALLS, "rrddim_set_name() from %s.%s to %s.%s", st->name, rd->name, st->name, name);
char varname[CONFIG_MAX_NAME + 1];
snprintfz(varname, CONFIG_MAX_NAME, "dim %s name", rd->id);
rd->name = config_set_default(st->config_section, varname, name);
rd->hash_name = simple_hash(rd->name);
rrddimvar_rename_all(rd);
rd->exposed = 0;
Reported by FlawFinder.
Line: 252
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return rd;
}
char filename[FILENAME_MAX + 1];
char fullfilename[FILENAME_MAX + 1];
char varname[CONFIG_MAX_NAME + 1];
unsigned long size = sizeof(RRDDIM) + (st->entries * sizeof(storage_number));
Reported by FlawFinder.
Line: 253
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
char filename[FILENAME_MAX + 1];
char fullfilename[FILENAME_MAX + 1];
char varname[CONFIG_MAX_NAME + 1];
unsigned long size = sizeof(RRDDIM) + (st->entries * sizeof(storage_number));
debug(D_RRD_CALLS, "Adding dimension '%s/%s'.", st->id, id);
Reported by FlawFinder.
Line: 255
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char filename[FILENAME_MAX + 1];
char fullfilename[FILENAME_MAX + 1];
char varname[CONFIG_MAX_NAME + 1];
unsigned long size = sizeof(RRDDIM) + (st->entries * sizeof(storage_number));
debug(D_RRD_CALLS, "Adding dimension '%s/%s'.", st->id, id);
rrdset_strncpyz_name(filename, id, FILENAME_MAX);
Reported by FlawFinder.
Line: 190
Column: 92
CWE codes:
126
for (rrdc = host->alarms_with_foreach; rrdc ; rrdc = rrdc->next) {
if (simple_pattern_matches(rrdc->spdim, rd->id) || simple_pattern_matches(rrdc->spdim, rd->name)) {
if (rrdc->hash_chart == st->hash_name || !strcmp(rrdc->chart, st->name) || !strcmp(rrdc->chart, st->id)) {
char *name = alarm_name_with_dim(rrdc->name, strlen(rrdc->name), rd->name, strlen(rd->name));
if (name) {
if(rrdcalc_exists(host, st->name, name, 0, 0)){
freez(name);
continue;
}
Reported by FlawFinder.
Line: 190
Column: 62
CWE codes:
126
for (rrdc = host->alarms_with_foreach; rrdc ; rrdc = rrdc->next) {
if (simple_pattern_matches(rrdc->spdim, rd->id) || simple_pattern_matches(rrdc->spdim, rd->name)) {
if (rrdc->hash_chart == st->hash_name || !strcmp(rrdc->chart, st->name) || !strcmp(rrdc->chart, st->id)) {
char *name = alarm_name_with_dim(rrdc->name, strlen(rrdc->name), rd->name, strlen(rd->name));
if (name) {
if(rrdcalc_exists(host, st->name, name, 0, 0)){
freez(name);
continue;
}
Reported by FlawFinder.
exporting/read_config.c
7 issues
Line: 119
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return 0;
}
strcpy(target_ci->instance_name, local_ci->instance_name);
strcpy(target_ci->connector_name, local_ci->connector_name);
return 1;
}
Reported by FlawFinder.
Line: 120
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
strcpy(target_ci->instance_name, local_ci->instance_name);
strcpy(target_ci->connector_name, local_ci->connector_name);
return 1;
}
/**
Reported by FlawFinder.
Line: 292
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
local_ci.instance_name, local_ci.connector_name);
tmp_ci_list = (struct connector_instance_list *)callocz(1, sizeof(struct connector_instance_list));
memcpy(&tmp_ci_list->local_ci, &local_ci, sizeof(local_ci));
tmp_ci_list->backend_type = exporting_select_type(local_ci.connector_name);
tmp_ci_list->next = tmp_ci_list_prev;
tmp_ci_list_prev = tmp_ci_list;
instances_to_activate++;
} else
Reported by FlawFinder.
Line: 475
Column: 81
CWE codes:
126
#define STR_PROMETHEUS_REMOTE_WRITE_HTTPS "prometheus_remote_write:https"
if ((tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_GRAPHITE_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_GRAPHITE_HTTPS, strlen(STR_GRAPHITE_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_JSON_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_JSON_HTTPS, strlen(STR_JSON_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_OPENTSDB_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_OPENTSDB_HTTPS, strlen(STR_OPENTSDB_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_PROMETHEUS_REMOTE_WRITE &&
Reported by FlawFinder.
Line: 477
Column: 77
CWE codes:
126
if ((tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_GRAPHITE_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_GRAPHITE_HTTPS, strlen(STR_GRAPHITE_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_JSON_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_JSON_HTTPS, strlen(STR_JSON_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_OPENTSDB_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_OPENTSDB_HTTPS, strlen(STR_OPENTSDB_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_PROMETHEUS_REMOTE_WRITE &&
!strncmp(
tmp_ci_list->local_ci.connector_name, STR_PROMETHEUS_REMOTE_WRITE_HTTPS,
Reported by FlawFinder.
Line: 479
Column: 81
CWE codes:
126
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_JSON_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_JSON_HTTPS, strlen(STR_JSON_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_OPENTSDB_HTTP &&
!strncmp(tmp_ci_list->local_ci.connector_name, STR_OPENTSDB_HTTPS, strlen(STR_OPENTSDB_HTTPS))) ||
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_PROMETHEUS_REMOTE_WRITE &&
!strncmp(
tmp_ci_list->local_ci.connector_name, STR_PROMETHEUS_REMOTE_WRITE_HTTPS,
strlen(STR_PROMETHEUS_REMOTE_WRITE_HTTPS)))) {
tmp_instance->config.options |= EXPORTING_OPTION_USE_TLS;
Reported by FlawFinder.
Line: 483
Column: 18
CWE codes:
126
(tmp_instance->config.type == EXPORTING_CONNECTOR_TYPE_PROMETHEUS_REMOTE_WRITE &&
!strncmp(
tmp_ci_list->local_ci.connector_name, STR_PROMETHEUS_REMOTE_WRITE_HTTPS,
strlen(STR_PROMETHEUS_REMOTE_WRITE_HTTPS)))) {
tmp_instance->config.options |= EXPORTING_OPTION_USE_TLS;
}
#endif
#ifdef NETDATA_INTERNAL_CHECKS
Reported by FlawFinder.
registry/registry_internals.c
7 issues
Line: 84
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// verify the person, the machine and the URL exist in our DB
REGISTRY_PERSON_URL *registry_verify_request(char *person_guid, char *machine_guid, char *url, REGISTRY_PERSON **pp, REGISTRY_MACHINE **mm) {
char pbuf[GUID_LEN + 1], mbuf[GUID_LEN + 1];
if(!person_guid || !*person_guid || !machine_guid || !*machine_guid || !url || !*url) {
info("Registry Request Verification: invalid request! person: '%s', machine '%s', url '%s'", person_guid?person_guid:"UNSET", machine_guid?machine_guid:"UNSET", url?url:"UNSET");
return NULL;
}
Reported by FlawFinder.
Line: 224
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
REGISTRY_MACHINE *registry_request_machine(char *person_guid, char *machine_guid, char *url, char *request_machine, time_t when) {
(void)when;
char mbuf[GUID_LEN + 1];
REGISTRY_PERSON *p = NULL;
REGISTRY_MACHINE *m = NULL;
REGISTRY_PERSON_URL *pu = registry_verify_request(person_guid, machine_guid, url, &p, &m);
if(!pu || !p || !m) return NULL;
Reported by FlawFinder.
Line: 285
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
char *registry_get_this_machine_guid(void) {
static char guid[GUID_LEN + 1] = "";
if(likely(guid[0]))
return guid;
// read it from disk
Reported by FlawFinder.
Line: 291
Column: 14
CWE codes:
362
return guid;
// read it from disk
int fd = open(registry.machine_guid_filename, O_RDONLY);
if(fd != -1) {
char buf[GUID_LEN + 1];
if(read(fd, buf, GUID_LEN) != GUID_LEN)
error("Failed to read machine GUID from '%s'", registry.machine_guid_filename);
else {
Reported by FlawFinder.
Line: 293
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// read it from disk
int fd = open(registry.machine_guid_filename, O_RDONLY);
if(fd != -1) {
char buf[GUID_LEN + 1];
if(read(fd, buf, GUID_LEN) != GUID_LEN)
error("Failed to read machine GUID from '%s'", registry.machine_guid_filename);
else {
buf[GUID_LEN] = '\0';
if(regenerate_guid(buf, guid) == -1) {
Reported by FlawFinder.
Line: 319
Column: 14
CWE codes:
362
guid[GUID_LEN] = '\0';
// save it
fd = open(registry.machine_guid_filename, O_WRONLY|O_CREAT|O_TRUNC, 444);
if(fd == -1)
fatal("Cannot create unique machine id file '%s'. Please fix this.", registry.machine_guid_filename);
if(write(fd, guid, GUID_LEN) != GUID_LEN)
fatal("Cannot write the unique machine id file '%s'. Please fix this.", registry.machine_guid_filename);
Reported by FlawFinder.
Line: 294
Column: 12
CWE codes:
120
20
int fd = open(registry.machine_guid_filename, O_RDONLY);
if(fd != -1) {
char buf[GUID_LEN + 1];
if(read(fd, buf, GUID_LEN) != GUID_LEN)
error("Failed to read machine GUID from '%s'", registry.machine_guid_filename);
else {
buf[GUID_LEN] = '\0';
if(regenerate_guid(buf, guid) == -1) {
error("Failed to validate machine GUID '%s' from '%s'. Ignoring it - this might mean this netdata will appear as duplicate in the registry.",
Reported by FlawFinder.
collectors/python.d.plugin/python_modules/urllib3/packages/ordered_dict.py
6 issues
Line: 143
Column: 5
for k in self:
yield (k, self[k])
def update(*args, **kwds):
'''od.update(E, **F) -> None. Update od from dict/iterable E and F.
If E is a dict instance, does: for k in E: od[k] = E[k]
If E has a .keys() method, does: for k in E.keys(): od[k] = E[k]
Or if E is an iterable of items, does: for k, v in E: od[k] = v
Reported by Pylint.
Line: 29
Column: 5
# The sentinel element never gets deleted (this simplifies the algorithm).
# Each link is stored as a list of length three: [PREV, NEXT, KEY].
def __init__(self, *args, **kwds):
'''Initialize an ordered dictionary. Signature is the same as for
regular dictionaries, but keyword arguments are not recommended
because their insertion order is arbitrary.
'''
Reported by Pylint.
Line: 198
Column: 5
self[key] = default
return default
def __repr__(self, _repr_running={}):
'od.__repr__() <==> repr(od)'
call_key = id(self), _get_ident()
if call_key in _repr_running:
return '...'
_repr_running[call_key] = 1
Reported by Pylint.
Line: 1
Column: 1
# Backport of OrderedDict() class that runs on Python 2.4, 2.5, 2.6, 2.7 and pypy.
# Passes Python2.7's test suite and incorporates all the latest updates.
# Copyright 2009 Raymond Hettinger, released under the MIT License.
# http://code.activestate.com/recipes/576693/
# SPDX-License-Identifier: MIT
try:
from thread import get_ident as _get_ident
except ImportError:
from dummy_thread import get_ident as _get_ident
Reported by Pylint.
Line: 152
Column: 9
In either case, this is followed by: for k, v in F.items(): od[k] = v
'''
if len(args) > 2:
raise TypeError('update() takes at most 2 positional '
'arguments (%d given)' % (len(args),))
elif not args:
raise TypeError('update() takes at least 1 argument (0 given)')
self = args[0]
Reported by Pylint.
Line: 231
Column: 9
and values equal to v (which defaults to None).
'''
d = cls()
for key in iterable:
d[key] = value
return d
def __eq__(self, other):
Reported by Pylint.
collectors/python.d.plugin/retroshare/retroshare.chart.py
6 issues
Line: 8
Column: 1
import json
from bases.FrameworkServices.UrlService import UrlService
ORDER = [
'bandwidth',
'peers',
'dht',
Reported by Pylint.
Line: 68
Column: 9
Get data from API
:return: dict
"""
self.url = self.baseurl + '/api/v2/stats'
data = self._get_stats()
if data is None:
return None
data['bandwidth_up_kb'] = data['bandwidth_up_kb'] * -1
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: RetroShare netdata python.d module
# Authors: sehraf
# SPDX-License-Identifier: GPL-3.0-or-later
import json
from bases.FrameworkServices.UrlService import UrlService
Reported by Pylint.
Line: 18
Column: 1
CHARTS = {
'bandwidth': {
'options': [None, 'RetroShare Bandwidth', 'kilobits/s', 'RetroShare', 'retroshare.bandwidth', 'area'],
'lines': [
['bandwidth_up_kb', 'Upload'],
['bandwidth_down_kb', 'Download']
]
},
Reported by Pylint.
Line: 41
Column: 1
}
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.baseurl = self.configuration.get('url', 'http://localhost:9090')
Reported by Pylint.
Line: 41
Column: 1
}
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.baseurl = self.configuration.get('url', 'http://localhost:9090')
Reported by Pylint.
collectors/python.d.plugin/logind/logind.chart.py
6 issues
Line: 6
Column: 1
# Author: Austin S. Hemmelgarn (Ferroin)
# SPDX-License-Identifier: GPL-3.0-or-later
from bases.FrameworkServices.ExecutableService import ExecutableService
priority = 59999
disabled_by_default = True
LOGINCTL_COMMAND = 'loginctl list-sessions --no-legend'
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: logind netdata python.d module
# Author: Austin S. Hemmelgarn (Ferroin)
# SPDX-License-Identifier: GPL-3.0-or-later
from bases.FrameworkServices.ExecutableService import ExecutableService
priority = 59999
disabled_by_default = True
Reported by Pylint.
Line: 8
Column: 1
from bases.FrameworkServices.ExecutableService import ExecutableService
priority = 59999
disabled_by_default = True
LOGINCTL_COMMAND = 'loginctl list-sessions --no-legend'
ORDER = [
Reported by Pylint.
Line: 9
Column: 1
from bases.FrameworkServices.ExecutableService import ExecutableService
priority = 59999
disabled_by_default = True
LOGINCTL_COMMAND = 'loginctl list-sessions --no-legend'
ORDER = [
'sessions',
Reported by Pylint.
Line: 45
Column: 1
}
class Service(ExecutableService):
def __init__(self, configuration=None, name=None):
ExecutableService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.command = LOGINCTL_COMMAND
Reported by Pylint.
Line: 45
Column: 1
}
class Service(ExecutableService):
def __init__(self, configuration=None, name=None):
ExecutableService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.command = LOGINCTL_COMMAND
Reported by Pylint.
tests/profile/statsd-stress.c
6 issues
Line: 83
Column: 16
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if(!types[t]) t = 0;
char *type = types[t];
lengths[i] = sprintf(packet, "stress.%s.t%zu.m%zu:%zu|%s", type, data->id, i, myrand(metrics), type);
packets[i] = strdup(packet);
// printf("packet %zu, of length %zu: '%s'\n", i, lengths[i], packets[i]);
}
//printf("\n");
Reported by FlawFinder.
Line: 122
Column: 2
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
pthread_t threads[run_threads], report;
size_t i;
srand(time(NULL));
memset(&si_other, 0, sizeof(si_other));
si_other.sin_family = AF_INET;
si_other.sin_port = htons(port);
if (inet_aton(ip, &si_other.sin_addr)==0) {
Reported by FlawFinder.
Line: 70
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct thread_data *data = (struct thread_data *)__data;
int s;
char packet[1024];
if ((s = socket(AF_INET, SOCK_DGRAM, 0))==-1)
diep("socket");
char **packets = malloc(sizeof(char *) * metrics);
Reported by FlawFinder.
Line: 112
Column: 16
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
exit(-1);
}
run_threads = atoi(argv[1]);
metrics = atoi(argv[2]);
char *ip = argv[3];
int port = atoi(argv[4]);
struct thread_data data[run_threads];
Reported by FlawFinder.
Line: 113
Column: 12
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
}
run_threads = atoi(argv[1]);
metrics = atoi(argv[2]);
char *ip = argv[3];
int port = atoi(argv[4]);
struct thread_data data[run_threads];
struct sockaddr_in si_other;
Reported by FlawFinder.
Line: 115
Column: 13
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
run_threads = atoi(argv[1]);
metrics = atoi(argv[2]);
char *ip = argv[3];
int port = atoi(argv[4]);
struct thread_data data[run_threads];
struct sockaddr_in si_other;
pthread_t threads[run_threads], report;
size_t i;
Reported by FlawFinder.
collectors/python.d.plugin/example/example.chart.py
6 issues
Line: 8
Column: 1
from random import SystemRandom
from bases.FrameworkServices.SimpleService import SimpleService
priority = 90000
ORDER = [
'random',
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: example netdata python.d module
# Author: Put your name here (your github login)
# SPDX-License-Identifier: GPL-3.0-or-later
from random import SystemRandom
from bases.FrameworkServices.SimpleService import SimpleService
Reported by Pylint.
Line: 10
Column: 1
from bases.FrameworkServices.SimpleService import SimpleService
priority = 90000
ORDER = [
'random',
]
Reported by Pylint.
Line: 26
Column: 1
}
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.random = SystemRandom()
Reported by Pylint.
Line: 37
Column: 5
self.upper = self.configuration.get('upper', 100)
@staticmethod
def check():
return True
def get_data(self):
data = dict()
Reported by Pylint.
Line: 40
Column: 5
def check():
return True
def get_data(self):
data = dict()
for i in range(0, self.num_lines):
dimension_id = ''.join(['random', str(i)])
Reported by Pylint.