The following issues were found
collectors/nfacct.plugin/plugin_nfacct.c
2 issues
Line: 71
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t portid;
struct nlattr *tb[CTA_STATS_MAX+1];
const char *attr2name[CTA_STATS_MAX+1];
kernel_uint_t metrics[CTA_STATS_MAX+1];
struct nlattr *tb_exp[CTA_STATS_EXP_MAX+1];
const char *attr2name_exp[CTA_STATS_EXP_MAX+1];
kernel_uint_t metrics_exp[CTA_STATS_EXP_MAX+1];
Reported by FlawFinder.
Line: 75
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
kernel_uint_t metrics[CTA_STATS_MAX+1];
struct nlattr *tb_exp[CTA_STATS_EXP_MAX+1];
const char *attr2name_exp[CTA_STATS_EXP_MAX+1];
kernel_uint_t metrics_exp[CTA_STATS_EXP_MAX+1];
} nfstat_root = {
.update_every = 1,
.buf = NULL,
.buf_size = 0,
Reported by FlawFinder.
database/engine/pagecache.c
2 issues
Line: 304
Column: 25
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
if (unlikely(failures > 1)) {
unsigned long slots, usecs_to_sleep;
/* exponential backoff */
slots = random() % (2LU << MIN(failures, FAILURES_CEILING));
usecs_to_sleep = slots * exp_backoff_slot_usec;
if (usecs_to_sleep >= USEC_PER_SEC)
error("Page cache is full. Sleeping for %llu second(s).", usecs_to_sleep / USEC_PER_SEC);
Reported by FlawFinder.
Line: 450
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!page_index->writers && !page_index->page_count) {
can_delete_metric = 1;
if (metric_id) {
memcpy(metric_id, page_index->id, sizeof(uuid_t));
}
}
uv_rwlock_wrunlock(&page_index->lock);
fatal_assert(1 == ret);
Reported by FlawFinder.
database/engine/rrdengine.h
2 issues
Line: 216
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct transaction_commit_log commit_log;
struct rrdengine_datafile_list datafiles;
RRDHOST *host; /* the legacy host, or NULL for multi-host DB */
char dbfiles_path[FILENAME_MAX + 1];
char machine_guid[GUID_LEN + 1]; /* the unique ID of the corresponding host, or localhost for multihost DB */
uint64_t disk_space;
uint64_t max_disk_space;
unsigned last_fileno; /* newest index of datafile and journalfile */
unsigned long max_cache_pages;
Reported by FlawFinder.
Line: 217
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct rrdengine_datafile_list datafiles;
RRDHOST *host; /* the legacy host, or NULL for multi-host DB */
char dbfiles_path[FILENAME_MAX + 1];
char machine_guid[GUID_LEN + 1]; /* the unique ID of the corresponding host, or localhost for multihost DB */
uint64_t disk_space;
uint64_t max_disk_space;
unsigned last_fileno; /* newest index of datafile and journalfile */
unsigned long max_cache_pages;
unsigned long cache_pages_low_watermark;
Reported by FlawFinder.
database/rrd.c
2 issues
Line: 145
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *rrdset_cache_dir(RRDHOST *host, const char *id, const char *config_section) {
char *ret = NULL;
char b[FILENAME_MAX + 1];
char n[FILENAME_MAX + 1];
rrdset_strncpyz_name(b, id, FILENAME_MAX);
snprintfz(n, FILENAME_MAX, "%s/%s", host->cache_dir, b);
ret = config_get(config_section, "cache directory", n);
Reported by FlawFinder.
Line: 146
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *ret = NULL;
char b[FILENAME_MAX + 1];
char n[FILENAME_MAX + 1];
rrdset_strncpyz_name(b, id, FILENAME_MAX);
snprintfz(n, FILENAME_MAX, "%s/%s", host->cache_dir, b);
ret = config_get(config_section, "cache directory", n);
Reported by FlawFinder.
collectors/freebsd.plugin/freebsd_getifaddrs.c
2 issues
Line: 412
Column: 21
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
network_interfaces_found++;
if (unlikely(!ifm->configured)) {
char var_name[4096 + 1];
// this is the first time we see this network interface
// remember we configured it
ifm->configured = 1;
Reported by FlawFinder.
Line: 125
Column: 16
CWE codes:
126
ifm = callocz(1, sizeof(struct cgroup_network_interface));
ifm->name = strdupz(name);
ifm->hash = simple_hash(ifm->name);
ifm->len = strlen(ifm->name);
network_interfaces_added++;
// link it to the end
if (network_interfaces_root) {
struct cgroup_network_interface *e;
Reported by FlawFinder.
exporting/aws_kinesis/aws_kinesis.c
2 issues
Line: 135
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t sent = 0;
while (sent < buffer_len) {
char partition_key[KINESIS_PARTITION_KEY_MAX + 1];
snprintf(partition_key, KINESIS_PARTITION_KEY_MAX, "netdata_%llu", partition_key_seq++);
size_t partition_key_len = strnlen(partition_key, KINESIS_PARTITION_KEY_MAX);
const char *first_char = buffer_tostring(buffer) + sent;
Reported by FlawFinder.
Line: 151
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
while (record_len && *(first_char + record_len - 1) != '\n')
record_len--;
}
char error_message[ERROR_LINE_MAX + 1] = "";
debug(
D_BACKEND,
"EXPORTING: kinesis_put_record(): dest = %s, id = %s, key = %s, stream = %s, partition_key = %s, \
buffer = %zu, record = %zu",
Reported by FlawFinder.
.github/scripts/gen-docker-tags.py
2 issues
Line: 1
Column: 1
#!/usr/bin/env python3
import sys
REPO = 'netdata/netdata'
version = sys.argv[1].split('.')
MAJOR = ':'.join([REPO, version[0]])
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python3
import sys
REPO = 'netdata/netdata'
version = sys.argv[1].split('.')
MAJOR = ':'.join([REPO, version[0]])
Reported by Pylint.
exporting/pubsub/pubsub.c
2 issues
Line: 45
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct pubsub_specific_config *connector_specific_config =
(struct pubsub_specific_config *)instance->config.connector_specific_config;
char error_message[ERROR_LINE_MAX + 1] = "";
if (pubsub_init(
(void *)connector_specific_data, error_message, instance->config.destination,
connector_specific_config->credentials_file, connector_specific_config->project_id,
connector_specific_config->topic_id)) {
error(
Reported by FlawFinder.
Line: 103
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
while (!instance->engine->exit) {
struct stats *stats = &instance->stats;
char error_message[ERROR_LINE_MAX + 1] = "";
uv_mutex_lock(&instance->mutex);
while (!instance->data_is_ready)
uv_cond_wait(&instance->cond_var, &instance->mutex);
instance->data_is_ready = 0;
Reported by FlawFinder.
exporting/send_data.c
2 issues
Line: 32
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*/
int exporting_discard_response(BUFFER *buffer, struct instance *instance) {
#if NETDATA_INTERNAL_CHECKS
char sample[1024];
const char *s = buffer_tostring(buffer);
char *d = sample, *e = &sample[sizeof(sample) - 1];
for(; *s && d < e ;s++) {
char c = *s;
Reported by FlawFinder.
Line: 100
Column: 17
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} else {
int sslerrno = SSL_get_error(connector_specific_data->conn, (int) r);
u_long sslerr = ERR_get_error();
char buf[256];
switch (sslerrno) {
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
goto endloop;
default:
Reported by FlawFinder.
collectors/ebpf.plugin/ebpf_process.c
2 issues
Line: 14
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*
*****************************************************************/
static char *process_dimension_names[NETDATA_KEY_PUBLISH_PROCESS_END] = { "open", "close", "process",
"task", "process", "thread" };
static char *process_id_names[NETDATA_KEY_PUBLISH_PROCESS_END] = { "do_sys_open", "__close_fd", "do_exit",
"release_task", "_do_fork", "sys_clone" };
static char *status[] = { "process", "zombie" };
Reported by FlawFinder.
Line: 16
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static char *process_dimension_names[NETDATA_KEY_PUBLISH_PROCESS_END] = { "open", "close", "process",
"task", "process", "thread" };
static char *process_id_names[NETDATA_KEY_PUBLISH_PROCESS_END] = { "do_sys_open", "__close_fd", "do_exit",
"release_task", "_do_fork", "sys_clone" };
static char *status[] = { "process", "zombie" };
static ebpf_local_maps_t process_maps[] = {{.name = "tbl_pid_stats", .internal_input = ND_EBPF_DEFAULT_PID_SIZE,
.user_input = 0,
Reported by FlawFinder.