The following issues were found
collectors/python.d.plugin/python_modules/urllib3/contrib/_securetransport/low_level.py
3 issues
Line: 19
Column: 1
import ssl
import tempfile
from .bindings import Security, CoreFoundation, CFConst
# This regular expression is used to grab PEM data out of a PEM bundle.
_PEM_CERTS_RE = re.compile(
b"-----BEGIN CERTIFICATE-----\n(.*?)\n-----END CERTIFICATE-----", re.DOTALL
Reported by Pylint.
Line: 144
Column: 12
CoreFoundation.CFArrayAppendValue(cert_array, cert)
CoreFoundation.CFRelease(cert)
except Exception:
# We need to free the array before the exception bubbles further.
# We only want to do that if an error occurs: otherwise, the caller
# should free.
CoreFoundation.CFRelease(cert_array)
Reported by Pylint.
Line: 220
Column: 30
identities = []
result_array = None
with open(path, 'rb') as f:
raw_filedata = f.read()
try:
filedata = CoreFoundation.CFDataCreate(
CoreFoundation.kCFAllocatorDefault,
Reported by Pylint.
web/api/formatters/charts2json.c
3 issues
Line: 180
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
.plugin = st->plugin_name ? st->plugin_name : "",
.module = st->module_name ? st->module_name : ""
};
sprintf(name, "%s:%s", col.plugin, col.module);
dictionary_set(dict, name, &col, sizeof(struct collector));
st->last_accessed_time = now;
}
}
rrdhost_unlock(host);
Reported by FlawFinder.
Line: 11
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int use_stable = -1;
if (use_stable == -1) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s/.environment", netdata_configured_user_config_dir);
procfile *ff = procfile_open(filename, "=", PROCFILE_FLAG_DEFAULT);
if(!ff) {
use_stable=1;
} else {
Reported by FlawFinder.
Line: 170
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void chartcollectors2json(RRDHOST *host, BUFFER *wb) {
DICTIONARY *dict = dictionary_create(DICTIONARY_FLAG_SINGLE_THREADED);
RRDSET *st;
char name[500];
time_t now = now_realtime_sec();
rrdhost_rdlock(host);
rrdset_foreach_read(st, host) {
if (rrdset_is_available_for_viewers(st)) {
Reported by FlawFinder.
collectors/proc.plugin/proc_net_rpc_nfs.c
2 issues
Line: 9
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define CONFIG_SECTION_PLUGIN_PROC_NFS "plugin:" PLUGIN_PROC_CONFIG_NAME ":" PLUGIN_PROC_MODULE_NFS_NAME
struct nfs_procs {
char name[30];
unsigned long long value;
int present;
RRDDIM *rd;
};
Reported by FlawFinder.
Line: 149
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int proc2_warning = 0, proc3_warning = 0, proc4_warning = 0;
if(!ff) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/net/rpc/nfs");
ff = procfile_open(config_get(CONFIG_SECTION_PLUGIN_PROC_NFS, "filename to monitor", filename), " \t", PROCFILE_FLAG_DEFAULT);
}
if(!ff) return 1;
Reported by FlawFinder.
collectors/python.d.plugin/python_modules/urllib3/packages/__init__.py
2 issues
Line: 3
Column: 1
from __future__ import absolute_import
from . import ssl_match_hostname
__all__ = ('ssl_match_hostname', )
Reported by Pylint.
Line: 1
Column: 1
from __future__ import absolute_import
from . import ssl_match_hostname
__all__ = ('ssl_match_hostname', )
Reported by Pylint.
collectors/proc.plugin/sys_block_zram.c
2 issues
Line: 60
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
static inline void init_rrd(const char *name, ZRAM_DEVICE *d, int update_every) {
char chart_name[RRD_ID_LENGTH_MAX + 1];
snprintfz(chart_name, RRD_ID_LENGTH_MAX, "zram_usage.%s", name);
d->st_usage = rrdset_create_localhost(
"mem"
, chart_name
Reported by FlawFinder.
Line: 134
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
DIR *dir = opendir("/dev");
struct dirent *de;
struct stat st;
char filename[FILENAME_MAX + 1];
procfile *ff = NULL;
ZRAM_DEVICE device;
if (unlikely(!dir))
return 0;
Reported by FlawFinder.
collectors/python.d.plugin/python_modules/urllib3/util/wait.py
2 issues
Line: 2
Column: 1
# SPDX-License-Identifier: MIT
from .selectors import (
HAS_SELECT,
DefaultSelector,
EVENT_READ,
EVENT_WRITE
)
Reported by Pylint.
Line: 1
Column: 1
# SPDX-License-Identifier: MIT
from .selectors import (
HAS_SELECT,
DefaultSelector,
EVENT_READ,
EVENT_WRITE
)
Reported by Pylint.
collectors/proc.plugin/proc_pressure.c
2 issues
Line: 70
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int do_some = resources[i].some.enabled, do_full = resources[i].full.enabled;
if (unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
char config_key[CONFIG_MAX_NAME + 1];
snprintfz(filename
, FILENAME_MAX
, "%s%s/%s"
Reported by FlawFinder.
Line: 71
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
char config_key[CONFIG_MAX_NAME + 1];
snprintfz(filename
, FILENAME_MAX
, "%s%s/%s"
, netdata_configured_host_prefix
Reported by FlawFinder.
collectors/proc.plugin/proc_net_sockstat6.c
2 issues
Line: 34
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int do_tcp_sockets = -1, do_udp_sockets = -1, do_udplite_sockets = -1, do_raw_sockets = -1, do_frag_sockets = -1;
static char *keys[6] = { NULL };
static uint32_t hashes[6] = { 0 };
static ARL_BASE *bases[6] = { NULL };
if(unlikely(!arl_tcp)) {
do_tcp_sockets = config_get_boolean_ondemand("plugin:proc:/proc/net/sockstat6", "ipv6 TCP sockets", CONFIG_BOOLEAN_AUTO);
Reported by FlawFinder.
Line: 75
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if(unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/net/sockstat6");
ff = procfile_open(config_get("plugin:proc:/proc/net/sockstat6", "filename to monitor", filename), " \t:", PROCFILE_FLAG_DEFAULT);
if(unlikely(!ff)) return 1;
}
Reported by FlawFinder.
collectors/proc.plugin/proc_net_rpc_nfsd.c
2 issues
Line: 8
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define PLUGIN_PROC_MODULE_NFSD_NAME "/proc/net/rpc/nfsd"
struct nfsd_procs {
char name[30];
unsigned long long value;
int present;
RRDDIM *rd;
};
Reported by FlawFinder.
Line: 232
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int ra_warning = 0, th_warning = 0, proc2_warning = 0, proc3_warning = 0, proc4_warning = 0, proc4ops_warning = 0;
if(unlikely(!ff)) {
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/proc/net/rpc/nfsd");
ff = procfile_open(config_get("plugin:proc:/proc/net/rpc/nfsd", "filename to monitor", filename), " \t", PROCFILE_FLAG_DEFAULT);
if(unlikely(!ff)) return 1;
}
Reported by FlawFinder.
collectors/xenstat.plugin/xenstat_plugin.c
2 issues
Line: 412
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int i;
for(i = 0; i < node_metrics.num_domains; i++) {
xenstat_domain *domain = NULL;
char uuid[LIBXL_UUID_FMTLEN + 1];
domain = xenstat_node_domain_by_index(node, i);
// get domain UUID
unsigned int id = xenstat_domain_id(domain);
Reported by FlawFinder.
Line: 702
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct domain_metrics *d;
for(d = node_metrics.domain_root; d; d = d->next) {
char type[TYPE_LENGTH_MAX + 1];
snprintfz(type, TYPE_LENGTH_MAX, "xendomain_%s_%s", d->name, d->uuid);
if(likely(d->updated)) {
// ----------------------------------------------------------------
Reported by FlawFinder.