The following issues were found
database/rrddimvar.c
1 issue
Line: 87
Column: 5
CWE codes:
119
120
Suggestion:
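Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The finding is on the fixed-size declaration `char buffer[RRDDIMVAR_ID_MAX + 1]`; the only write shown in the excerpt is a `snprintfz` call limited to `RRDDIMVAR_ID_MAX`, so, assuming `snprintfz` honours its length argument, the point left to confirm is that silently truncating the prefix/id/suffix key is acceptable.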
RRDSET *st = rd->rrdset;
RRDHOST *host = st->rrdhost;
char buffer[RRDDIMVAR_ID_MAX + 1];
// KEYS
snprintfz(buffer, RRDDIMVAR_ID_MAX, "%s%s%s", rs->prefix, rd->id, rs->suffix);
rs->key_id = strdupz(buffer);
Reported by FlawFinder.
collectors/proc.plugin/sys_devices_system_node.c
1 issue
Line: 16
Column: 5
CWE codes:
119
120
Suggestion:
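Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The finding is on the fixed-size declaration `char name[FILENAME_MAX + 1]`; the only write shown in the excerpt is a `snprintfz` call limited to `FILENAME_MAX`, so, assuming `snprintfz` honours its length argument, what remains to check is how a truncated default path is handled.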
static int find_all_nodes() {
int numa_node_count = 0;
char name[FILENAME_MAX + 1];
snprintfz(name, FILENAME_MAX, "%s%s", netdata_configured_host_prefix, "/sys/devices/system/node");
char *dirname = config_get("plugin:proc:/sys/devices/system/node", "directory to monitor", name);
DIR *dir = opendir(dirname);
if(!dir) {
Reported by FlawFinder.
database/rrdcalctemplate.c
1 issue
Line: 14
Column: 5
CWE codes:
119
120
Suggestion:
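Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The finding is on the fixed-size declaration `char cmp[CONFIG_FILE_LINE_MAX+1]`; the excerpt does not show any write to `cmp`, so every later write to it has to be checked against that size before the finding can be closed.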
errno = 0;
struct label *move = host->labels.head;
char cmp[CONFIG_FILE_LINE_MAX+1];
int ret;
if(move) {
rrdhost_check_rdlock(host);
netdata_rwlock_rdlock(&host->labels.labels_rwlock);
Reported by FlawFinder.
database/engine/rrdengineapi.h
1 issue
Line: 35
Column: 53
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Excerpt of the header's extern declarations; the definitions are not shown here. */
extern void rrdeng_put_page(struct rrdengine_instance *ctx, void *handle);
/* NOTE(review): dim_id is const-qualified but chart_id is not; confirm whether the definition writes through chart_id. */
extern void rrdeng_generate_legacy_uuid(const char *dim_id, char *chart_id, uuid_t *ret_uuid);
/*
 * NOTE(review): in a parameter list `char machine_guid[GUID_LEN + 1]` is adjusted to `char *`,
 * so the bound documents the expected size but is not enforced by the compiler.
 * Callers must pass at least GUID_LEN + 1 bytes; whether the definition relies on a
 * NUL terminator is not visible here, so confirm it there.
 */
extern void rrdeng_convert_legacy_uuid_to_multihost(char machine_guid[GUID_LEN + 1], uuid_t *legacy_uuid,
uuid_t *ret_uuid);
extern void rrdeng_metric_init(RRDDIM *rd);
extern void rrdeng_store_metric_init(RRDDIM *rd);
Reported by FlawFinder.
collectors/checks.plugin/plugin_checks.c
1 issue
Line: 79
Column: 9
CWE codes:
676
Suggestion:
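Use nanosleep(2) or setitimer(2) instead of the flagged `usleep(susec)` call: usleep() is obsolete, and its interaction with SIGALRM and with other timer functions is unspecified.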
now_realtime_timeval(&last);
while(!netdata_exit) {
usleep(susec);
// find the time to sleep in order to wait exactly update_every seconds
now_realtime_timeval(&now);
loop_usec = dt_usec(&now, &last);
usec = loop_usec - susec;
Reported by FlawFinder.
libnetdata/socket/socket.h
1 issue
Line: 46
Column: 5
CWE codes:
119
120
Suggestion:
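Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged line is most likely `char *fds_names[MAX_LISTEN_FDS]`, which is an array of pointers rather than a character buffer; the bound that matters for the parallel `fds*` arrays shown is that every index used with them stays below `MAX_LISTEN_FDS`.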
size_t opened; // the number of sockets opened
size_t failed; // the number of sockets attempted to open, but failed
int fds[MAX_LISTEN_FDS]; // the open sockets
char *fds_names[MAX_LISTEN_FDS]; // descriptions for the open sockets
int fds_types[MAX_LISTEN_FDS]; // the socktype for the open sockets (SOCK_STREAM, SOCK_DGRAM)
int fds_families[MAX_LISTEN_FDS]; // the family of the open sockets (AF_UNIX, AF_INET, AF_INET6)
WEB_CLIENT_ACL fds_acl_flags[MAX_LISTEN_FDS]; // the acl to apply to the open sockets (dashboard, badges, streaming, netdata.conf, management)
} LISTEN_SOCKETS;
Reported by FlawFinder.
database/engine/metadata_log/metadatalogprotocol.h
1 issue
Line: 17
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Metadata log persistent super-block
*/
struct rrdeng_metalog_sb {
/*
 * Fixed-size field of RRDENG_MAGIC_SZ bytes; the declaration reserves no separate terminator slot.
 * NOTE(review): presumably compared against an expected magic with an explicit length;
 * confirm that no reader treats it as a NUL-terminated string.
 */
char magic_number[RRDENG_MAGIC_SZ];
/* NOTE(review): presumably the format version of the persistent log; confirm it is validated before the rest of the file is parsed. */
uint16_t version;
/* Explicit filler of RRDENG_METALOG_SB_PADDING_SZ bytes. */
uint8_t padding[RRDENG_METALOG_SB_PADDING_SZ];
/* packed: the compiler inserts no padding between the members above. */
} __attribute__ ((packed));
/*
Reported by FlawFinder.
libnetdata/storage_number/storage_number.c
1 issue
Line: 187
Column: 5
CWE codes:
119
120
Suggestion:
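Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The finding is on the two 50-byte scratch arrays `integral_str` and `fractional_str`; the excerpt does not show how they are filled. The signature shown also takes the destination `str` with no length parameter, so its capacity is a contract that every caller has to honour.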
int print_calculated_number(char *str, calculated_number value) {
// info("printing number " CALCULATED_NUMBER_FORMAT, value);
char integral_str[50], fractional_str[50];
char *wstr = str;
if(unlikely(value < 0)) {
*wstr++ = '-';
Reported by FlawFinder.
libnetdata/storage_number/tests/test_storage_number.c
1 issue
Line: 12
Column: 5
CWE codes:
119
120
Suggestion:
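Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged `char value[50]` is passed to `print_calculated_number`, which is called here without any size argument, so 50 bytes has to cover the longest string that function can emit.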
{
(void)state;
char value[50];
print_calculated_number(value, 0);
assert_string_equal(value, "0");
print_calculated_number(value, 0.0000001);
Reported by FlawFinder.
database/engine/metadata_log/compaction.c
1 issue
Line: 80
Column: 5
CWE codes:
120
Suggestion:
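Make sure destination can always hold the source data. For the flagged `memcpy` this means confirming that `metalogfiles` has room for at least `recovered_files` elements; the allocation of neither array is visible in the excerpt.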
return 1;
}
memcpy(metalogfiles, tmp_metalogfiles, recovered_files * sizeof(*metalogfiles));
*matched_files = recovered_files;
freez(tmp_metalogfiles);
info("Finished metadata log file failure recovery procedure in \"%s\".", dbfiles_path);
return 0;
Reported by FlawFinder.