The following issues were found
exporting/tests/system_doubles.c
3 issues
Line: 45
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
check_expected(flags);
char *mock_string = "Test recv";
strcpy(buf, mock_string);
return strlen(mock_string);
}
ssize_t __wrap_send(int sockfd, const void *buf, size_t len, int flags)
Reported by FlawFinder.
Line: 47
Column: 12
CWE codes:
126
char *mock_string = "Test recv";
strcpy(buf, mock_string);
return strlen(mock_string);
}
ssize_t __wrap_send(int sockfd, const void *buf, size_t len, int flags)
{
function_called();
Reported by FlawFinder.
Line: 60
Column: 12
CWE codes:
126
check_expected(len);
check_expected(flags);
return strlen(buf);
}
Reported by FlawFinder.
libnetdata/statistical/statistical.c
3 issues
Line: 13
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
fprintf(stderr, "%s of %zu entries [ ", msg, entries);
for(value = series; value < end ;value++) {
if(value != series) fprintf(stderr, ", ");
fprintf(stderr, "%" LONG_DOUBLE_MODIFIER, *value);
}
fprintf(stderr, " ] results in " CALCULATED_NUMBER_FORMAT "\n", result);
}
// --------------------------------------------------------------------------------------------------------------------
Reported by FlawFinder.
Line: 111
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline LONG_DOUBLE *copy_series(const LONG_DOUBLE *series, size_t entries) {
LONG_DOUBLE *copy = mallocz(sizeof(LONG_DOUBLE) * entries);
memcpy(copy, series, sizeof(LONG_DOUBLE) * entries);
return copy;
}
LONG_DOUBLE median_on_sorted_series(const LONG_DOUBLE *series, size_t entries) {
if(unlikely(entries == 0)) return NAN;
Reported by FlawFinder.
Line: 354
Column: 19
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* copy start values to the beginning of the vectors */
level[0] = *a;
if(beta > 0) trend[0] = *b;
if(gamma > 0) memcpy(season, s, *period * sizeof(LONG_DOUBLE));
for(i = start_time - 1; i < entries; i++) {
/* indices for period i */
i0 = i - start_time + 2;
s0 = i0 + *period - 1;
Reported by FlawFinder.
aclk/legacy/aclk_common.c
3 issues
Line: 44
Column: 22
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
error("Port specified in %s is invalid", url);
return 0;
}
*aclk_port = atoi(&url[host_end+1]);
}
if (url[host_end] == '/') {
*aclk_port = 443;
*aclk_hostname = callocz(1, host_end - pos + 1);
strncpy(*aclk_hostname, url+pos, host_end - pos);
Reported by FlawFinder.
Line: 36
Column: 9
CWE codes:
120
}
if (url[host_end] == ':') {
*aclk_hostname = callocz(host_end - pos + 1, 1);
strncpy(*aclk_hostname, url + pos, host_end - pos);
int port_end = host_end + 1;
while (url[port_end] >= '0' && url[port_end] <= '9')
port_end++;
if (port_end - host_end > 6) {
error("Port specified in %s is invalid", url);
Reported by FlawFinder.
Line: 49
Column: 9
CWE codes:
120
if (url[host_end] == '/') {
*aclk_port = 443;
*aclk_hostname = callocz(1, host_end - pos + 1);
strncpy(*aclk_hostname, url+pos, host_end - pos);
}
info("Setting ACLK target host=%s port=%d from %s", *aclk_hostname, *aclk_port, url);
return 0;
}
Reported by FlawFinder.
libnetdata/clocks/clocks.c
3 issues
Line: 214
Column: 15
CWE codes:
676
Suggestion:
Use nanosleep(2) or setitimer(2) instead
return 0;
#else
int ret = usleep(usec);
if(unlikely(ret == -1 && errno == EINVAL)) {
// on certain systems, usec has to be up to 999999
if(usec > 999999) {
int counter = usec / 999999;
while(counter--)
Reported by FlawFinder.
Line: 220
Column: 17
CWE codes:
676
Suggestion:
Use nanosleep(2) or setitimer(2) instead
if(usec > 999999) {
int counter = usec / 999999;
while(counter--)
usleep(999999);
usleep(usec % 999999);
}
else {
error("Cannot usleep() for %llu microseconds.", usec);
Reported by FlawFinder.
Line: 222
Column: 13
CWE codes:
676
Suggestion:
Use nanosleep(2) or setitimer(2) instead
while(counter--)
usleep(999999);
usleep(usec % 999999);
}
else {
error("Cannot usleep() for %llu microseconds.", usec);
return ret;
}
Reported by FlawFinder.
collectors/diskspace.plugin/plugin_diskspace.c
3 issues
Line: 119
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mount_point_metadata *m = dictionary_get(dict_mountpoints, mi->mount_point);
if(unlikely(!m)) {
char var_name[4096 + 1];
snprintfz(var_name, 4096, "plugin:proc:diskspace:%s", mi->mount_point);
int def_space = config_get_boolean_ondemand(CONFIG_SECTION_DISKSPACE, "space usage for all disks", CONFIG_BOOLEAN_AUTO);
int def_inodes = config_get_boolean_ondemand(CONFIG_SECTION_DISKSPACE, "inodes usage for all disks", CONFIG_BOOLEAN_AUTO);
Reported by FlawFinder.
Line: 259
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
m->do_space = CONFIG_BOOLEAN_YES;
m->st_space = rrdset_find_active_bytype_localhost("disk_space", disk);
if(unlikely(!m->st_space)) {
char title[4096 + 1];
snprintfz(title, 4096, "Disk Space Usage for %s [%s]", family, mi->mount_source);
m->st_space = rrdset_create_localhost(
"disk_space"
, disk
, NULL
Reported by FlawFinder.
Line: 301
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
m->do_inodes = CONFIG_BOOLEAN_YES;
m->st_inodes = rrdset_find_active_bytype_localhost("disk_inodes", disk);
if(unlikely(!m->st_inodes)) {
char title[4096 + 1];
snprintfz(title, 4096, "Disk Files (inodes) Usage for %s [%s]", family, mi->mount_source);
m->st_inodes = rrdset_create_localhost(
"disk_inodes"
, disk
, NULL
Reported by FlawFinder.
collectors/freebsd.plugin/freebsd_getmntinfo.c
3 issues
Line: 179
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
mount_points_found = 0;
for (i = 0; i < mntsize; i++) {
char title[4096 + 1];
struct mount_point *m = get_mount_point(mntbuf[i].f_mntonname);
m->updated = 1;
mount_points_found++;
Reported by FlawFinder.
Line: 186
Column: 21
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
mount_points_found++;
if (unlikely(!m->configured)) {
char var_name[4096 + 1];
// this is the first time we see this filesystem
// remember we configured it
m->configured = 1;
Reported by FlawFinder.
Line: 106
Column: 14
CWE codes:
126
m = callocz(1, sizeof(struct mount_point));
m->name = strdupz(name);
m->hash = simple_hash(m->name);
m->len = strlen(m->name);
mount_points_added++;
// link it to the end
if (mount_points_root) {
struct mount_point *e;
Reported by FlawFinder.
exporting/tests/netdata_doubles.c
3 issues
Line: 9
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
const char *__wrap_strdupz(const char *s)
{
char *duplicate = malloc(sizeof(char) * (strlen(s) + 1));
strcpy(duplicate, s);
return duplicate;
}
time_t __wrap_now_realtime_sec(void)
Reported by FlawFinder.
Line: 39
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args;
va_start(args, fmt);
vsnprintf(log_line, MAX_LOG_LINE, fmt, args);
va_end(args);
}
int __wrap_connect_to_one_of(
const char *destination,
Reported by FlawFinder.
Line: 8
Column: 46
CWE codes:
126
// Use memory allocation functions guarded by CMocka in strdupz
const char *__wrap_strdupz(const char *s)
{
char *duplicate = malloc(sizeof(char) * (strlen(s) + 1));
strcpy(duplicate, s);
return duplicate;
}
Reported by FlawFinder.
backends/mongodb/mongodb.c
3 issues
Line: 122
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int line = 0;
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s/mongodb.conf", path);
char buffer[CONFIG_FILE_LINE_MAX + 1], *s;
debug(D_BACKEND, "BACKEND: opening config file '%s'", filename);
Reported by FlawFinder.
Line: 125
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s/mongodb.conf", path);
char buffer[CONFIG_FILE_LINE_MAX + 1], *s;
debug(D_BACKEND, "BACKEND: opening config file '%s'", filename);
FILE *fp = fopen(filename, "r");
if(!fp) {
Reported by FlawFinder.
Line: 129
Column: 16
CWE codes:
362
debug(D_BACKEND, "BACKEND: opening config file '%s'", filename);
FILE *fp = fopen(filename, "r");
if(!fp) {
return 1;
}
while(fgets(buffer, CONFIG_FILE_LINE_MAX, fp) != NULL) {
Reported by FlawFinder.
collectors/ebpf.plugin/ebpf.h
3 issues
Line: 68
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} netdata_publish_vfs_common_t;
typedef struct netdata_error_report {
char comm[16];
__u32 pid;
int type;
int err;
} netdata_error_report_t;
Reported by FlawFinder.
Line: 137
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
extern int ebpf_nprocs;
extern int running_on_kernel;
extern char *ebpf_plugin_dir;
extern char kernel_string[64];
extern pthread_mutex_t collect_data_mutex;
extern pthread_cond_t collect_data_cond_var;
// Common functions
Reported by FlawFinder.
libnetdata/eval/eval.c
3 issues
Line: 374
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return;
}
char b[100+1], *s;
snprintfz(b, 100, CALCULATED_NUMBER_FORMAT, n);
s = &b[strlen(b) - 1];
while(s > b && *s == '0') {
*s ='\0';
Reported by FlawFinder.
Line: 912
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// parse a full operand, including its sign or other associative operator (e.g. NOT)
static inline EVAL_NODE *parse_one_full_operand(const char **string, int *error) {
char variable_buffer[EVAL_MAX_VARIABLE_NAME_LENGTH + 1];
EVAL_NODE *op1 = NULL;
calculated_number number;
*error = EVAL_ERROR_OK;
Reported by FlawFinder.
Line: 377
Column: 12
CWE codes:
126
char b[100+1], *s;
snprintfz(b, 100, CALCULATED_NUMBER_FORMAT, n);
s = &b[strlen(b) - 1];
while(s > b && *s == '0') {
*s ='\0';
s--;
}
Reported by FlawFinder.