The following issues were found

aclk/schema-wrappers/chart_config.cc
2 issues
strcpy - Does not check for buffer overflows when copying to destination [MS-banned]
Security

Line: 58 Column: 9 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)

    // now copy them strings
    // null bytes handled by callocz
    for (int i = 0; i < hash_count; i++) {
        strcpy(dest, cfgs.config_hashes(i).c_str());
        res.hashes[i] = dest;
        dest += strlen(dest) + 1 /* end string null */;
    }

    return res;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 60 Column: 17 CWE codes: 126

    for (int i = 0; i < hash_count; i++) {
        strcpy(dest, cfgs.config_hashes(i).c_str());
        res.hashes[i] = dest;
        dest += strlen(dest) + 1 /* end string null */;
    }

    return res;
}

Reported by FlawFinder.

web/api/formatters/json_wrapper.c
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 21 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

    RRDDIM *rd;

    //info("JSONWRAPPER(): %s: BEGIN", r->st->id);
    char kq[2] = "",                    // key quote
            sq[2] = "";                     // string quote

    if( options & RRDR_OPTION_GOOGLE_JSON ) {
        kq[0] = '\0';
        sq[0] = '\'';

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 286 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

void rrdr_json_wrapper_end(RRDR *r, BUFFER *wb, uint32_t format, uint32_t options, int string_value) {
    (void)format;

    char kq[2] = "",                    // key quote
            sq[2] = "";                     // string quote

    if( options & RRDR_OPTION_GOOGLE_JSON ) {
        kq[0] = '\0';
        sq[0] = '\'';

Reported by FlawFinder.

collectors/ebpf.plugin/ebpf_sync.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 8 Column: 8 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

static ebpf_data_t sync_data;

static char *sync_counter_dimension_name[NETDATA_SYNC_IDX_END] = { "sync", "syncfs",  "msync", "fsync", "fdatasync",
                                                                   "sync_file_range" };
static netdata_syscall_stat_t sync_counter_aggregated_data[NETDATA_SYNC_IDX_END];
static netdata_publish_syscall_t sync_counter_publish_aggregated[NETDATA_SYNC_IDX_END];

static int read_thread_closed = 1;

Reported by FlawFinder.

exporting/json/json.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 133 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

        if (!should_send_label(instance, label))
            continue;

        char value[CONFIG_MAX_VALUE * 2 + 1];
        sanitize_json_string(value, label->value, CONFIG_MAX_VALUE);
        if (count > 0)
            buffer_strcat(instance->labels, ",");
        buffer_sprintf(instance->labels, "\"%s\":\"%s\"", label->key, value);

Reported by FlawFinder.

exporting/init_connectors.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 98 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

            error("EXPORTING: cannot create tread worker. uv_thread_create(): %s", uv_strerror(error));
            return 1;
        }
        char threadname[NETDATA_THREAD_NAME_MAX + 1];
        snprintfz(threadname, NETDATA_THREAD_NAME_MAX, "EXPORTING-%zu", instance->index);
        uv_thread_set_name_np(instance->thread, threadname);

        send_statistics("EXPORTING_START", "OK", instance->config.type_name);
    }

Reported by FlawFinder.

web/api/health/health_cmdapi.c
1 issue
fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 95 Column: 16 CWE codes: 362

void health_silencers2file(BUFFER *wb) {
    if (wb->len == 0) return;

    FILE *fd = fopen(silencers_filename, "wb");
    if(fd) {
        size_t written = (size_t)fprintf(fd, "%s", wb->buffer) ;
        if (written == wb->len ) {
            info("Silencer changes written to %s", silencers_filename);
        }

Reported by FlawFinder.

exporting/exporting_engine.h
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 108 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

struct simple_connector_data {
    void *connector_specific_data;

    char connected_to[CONNECTED_TO_MAX];

    char *auth_string;

    size_t total_buffered_metrics;

Reported by FlawFinder.

database/sqlite/sqlite3.h
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 9513 Column: 12 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

** the most recent version.
*/
typedef struct sqlite3_snapshot {
  unsigned char hidden[48];
} sqlite3_snapshot;

/*
** CAPI3REF: Record A Database Snapshot
** CONSTRUCTOR: sqlite3_snapshot

Reported by FlawFinder.

database/rrdsetvar.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 60 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

    // ------------------------------------------------------------------------
    // KEYS

    char buffer[RRDVAR_MAX_LENGTH + 1];
    snprintfz(buffer, RRDVAR_MAX_LENGTH, "%s.%s", st->id, rs->variable);
    rs->key_fullid = strdupz(buffer);

    snprintfz(buffer, RRDVAR_MAX_LENGTH, "%s.%s", st->name, rs->variable);
    rs->key_fullname = strdupz(buffer);

Reported by FlawFinder.

libnetdata/os.h
1 issue
system - This causes a new program to execute and is difficult to use safely
Security

Line: 54 Column: 30 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

// unknown O/S

#else
#error unsupported operating system
#endif


// =====================================================================================================================
// common for all O/S

Reported by FlawFinder.