The following issues were found
libnetdata/libnetdata.c
26 issues
Line: 1294
Column: 25
CWE codes:
362
20
Suggestion:
Reconsider approach
}
else if((statbuf.st_mode & S_IFMT) == S_IFLNK) {
char buffer[FILENAME_MAX + 1];
ssize_t l = readlink(s, buffer, FILENAME_MAX);
if(l > 0) {
buffer[l] = '\0';
freez(s);
s = strdupz(buffer);
continue;
Reported by FlawFinder.
Line: 1330
Column: 25
CWE codes:
362
20
Suggestion:
Reconsider approach
}
else if((statbuf.st_mode & S_IFMT) == S_IFLNK) {
char buffer[FILENAME_MAX + 1];
ssize_t l = readlink(s, buffer, FILENAME_MAX);
if(l > 0) {
buffer[l] = '\0';
freez(s);
s = strdupz(buffer);
continue;
Reported by FlawFinder.
Line: 143
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
*n = size;
char *t = (char *)&n[1];
strcpy(t, s);
return t;
}
void freez_int(const char *file, const char *function, const unsigned long line, void *ptr) {
if(unlikely(!ptr)) return;
Reported by FlawFinder.
Line: 1101
Column: 16
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
int vsnprintfz(char *dst, size_t n, const char *fmt, va_list args) {
int size = vsnprintf(dst, n, fmt, args);
if (unlikely((size_t) size > n)) {
// truncated
size = (int)n;
}
Reported by FlawFinder.
Line: 1521
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
dst += repl_len;
}
strcpy(dst, src);
return value;
}
Reported by FlawFinder.
Line: 67
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memory_statistics.free_calls_made, memory_statistics.free_calls_made - old.free_calls_made
);
memcpy(&old, &memory_statistics, sizeof(struct memory_statistics));
}
static inline void mmap_accounting(size_t size) {
if(log_thread_memory_allocations) {
memory_statistics.memory_calls_made++;
Reported by FlawFinder.
Line: 229
Column: 10
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
}
unsigned char netdata_map_chart_names[256] = {
[0] = '\0', //
[1] = '_', //
[2] = '_', //
[3] = '_', //
[4] = '_', //
Reported by FlawFinder.
Line: 494
Column: 10
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
while ((*s = netdata_map_chart_names[(unsigned char) *s])) s++;
}
unsigned char netdata_map_chart_ids[256] = {
[0] = '\0', //
[1] = '_', //
[2] = '_', //
[3] = '_', //
[4] = '_', //
Reported by FlawFinder.
Line: 927
Column: 14
CWE codes:
362
static int memory_file_open(const char *filename, size_t size) {
// info("memory_file_open('%s', %zu", filename, size);
int fd = open(filename, O_RDWR | O_CREAT | O_NOATIME, 0664);
if (fd != -1) {
if (lseek(fd, size, SEEK_SET) == (off_t) size) {
if (write(fd, "", 1) == 1) {
if (ftruncate(fd, size))
error("Cannot truncate file '%s' to size %zu. Will use the larger file.", filename, size);
Reported by FlawFinder.
Line: 1050
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
int memory_file_save(const char *filename, void *mem, size_t size) {
char tmpfilename[FILENAME_MAX + 1];
snprintfz(tmpfilename, FILENAME_MAX, "%s.%ld.tmp", filename, (long) getpid());
int fd = open(tmpfilename, O_RDWR | O_CREAT | O_NOATIME, 0664);
if (fd < 0) {
Reported by FlawFinder.
aclk/https_client.c
25 issues
Line: 58
Column: 37
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
// but in future the way this is written
// it can be extended
if (!strcmp("content-length", key)) {
parse_ctx->content_length = atoi(val);
}
}
static int parse_http_hdr(rbuf_t buf, http_parse_ctx *parse_ctx)
{
Reported by FlawFinder.
Line: 65
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int parse_http_hdr(rbuf_t buf, http_parse_ctx *parse_ctx)
{
int idx, idx_end;
char buf_key[HTTP_HDR_BUFFER_SIZE];
char buf_val[HTTP_HDR_BUFFER_SIZE];
char *ptr = buf_key;
if (!rbuf_find_bytes(buf, HTTP_LINE_TERM, strlen(HTTP_LINE_TERM), &idx_end)) {
error("CRLF expected");
return 1;
Reported by FlawFinder.
Line: 66
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
int idx, idx_end;
char buf_key[HTTP_HDR_BUFFER_SIZE];
char buf_val[HTTP_HDR_BUFFER_SIZE];
char *ptr = buf_key;
if (!rbuf_find_bytes(buf, HTTP_LINE_TERM, strlen(HTTP_LINE_TERM), &idx_end)) {
error("CRLF expected");
return 1;
}
Reported by FlawFinder.
Line: 107
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int parse_http_response(rbuf_t buf, http_parse_ctx *parse_ctx)
{
int idx;
char rc[4];
do {
if (parse_ctx->state != HTTP_PARSE_CONTENT && !rbuf_find_bytes(buf, HTTP_LINE_TERM, strlen(HTTP_LINE_TERM), &idx))
return NEED_MORE_DATA;
switch (parse_ctx->state) {
Reported by FlawFinder.
Line: 128
Column: 40
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
return PARSE_ERROR;
}
rc[3] = 0;
parse_ctx->http_code = atoi(rc);
if (parse_ctx->http_code < 100 || parse_ctx->http_code >= 600) {
error("HTTP code not in range 100 to 599");
return PARSE_ERROR;
}
Reported by FlawFinder.
Line: 426
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int https_request(https_req_t *request, https_req_response_t *response) {
int rc = 1, ret;
char connect_port_str[PORT_STR_MAX_BYTES];
const char *connect_host = request->proxy_host ? request->proxy_host : request->host;
int connect_port = request->proxy_host ? request->proxy_port : request->port;
struct timeval timeout = { .tv_sec = request->timeout_s, .tv_usec = 0 };
Reported by FlawFinder.
Line: 582
Column: 21
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
error(URL_PARSER_LOG_PREFIX "host empty after removing port");
return 1;
}
url->port = atoi (ptr + 1);
}
return 0;
}
static inline void port_by_proto(url_t *url) {
Reported by FlawFinder.
Line: 605
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#define STRDUPZ_2PTR(dest, start, end) \
{ \
dest = mallocz(1 + end - start); \
memcpy(dest, start, end - start); \
dest[end - start] = 0; \
}
int url_parse(const char *url, url_t *parsed) {
const char *start = url;
Reported by FlawFinder.
Line: 68
Column: 47
CWE codes:
126
char buf_key[HTTP_HDR_BUFFER_SIZE];
char buf_val[HTTP_HDR_BUFFER_SIZE];
char *ptr = buf_key;
if (!rbuf_find_bytes(buf, HTTP_LINE_TERM, strlen(HTTP_LINE_TERM), &idx_end)) {
error("CRLF expected");
return 1;
}
char *separator = rbuf_find_bytes(buf, HTTP_KEYVAL_SEPARATOR, strlen(HTTP_KEYVAL_SEPARATOR), &idx);
Reported by FlawFinder.
Line: 73
Column: 67
CWE codes:
126
return 1;
}
char *separator = rbuf_find_bytes(buf, HTTP_KEYVAL_SEPARATOR, strlen(HTTP_KEYVAL_SEPARATOR), &idx);
if (!separator) {
error("Missing Key/Value separator");
return 1;
}
if (idx >= HTTP_HDR_BUFFER_SIZE) {
Reported by FlawFinder.
aclk/legacy/agent_cloud_link.c
25 issues
Line: 71
Column: 25
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
size_t len = strlen(e->data.string);
data->payload = mallocz(len+1);
if (!url_decode_r(data->payload, e->data.string, len + 1))
strcpy(data->payload, e->data.string);
}
break;
}
break;
case JSON_NUMBER:
Reported by FlawFinder.
Line: 191
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
freez(global_base_topic);
char tmp_topic[ACLK_MAX_TOPIC + 1], *tmp;
snprintf(tmp_topic, ACLK_MAX_TOPIC, ACLK_TOPIC_STRUCTURE, agent_id);
tmp = strchr(tmp_topic, '\n');
if (unlikely(tmp))
*tmp = '\0';
global_base_topic = strdupz(tmp_topic);
Reported by FlawFinder.
Line: 641
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
goto CLEANUP;
}
char url[1024];
sprintf(url, "/api/v1/auth/node/%s/challenge", agent_id);
info("Retrieving challenge from cloud: %s %d %s", aclk_hostname, port, url);
if(aclk_send_https_request("GET", aclk_hostname, port, url, data_buffer, NETDATA_WEB_RESPONSE_INITIAL_SIZE, NULL))
{
error("Challenge failed: %s", data_buffer);
goto CLEANUP;
Reported by FlawFinder.
Line: 676
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
debug(D_ACLK, "Encoded len=%zu Decryption len=%d: '%s'", encoded_len, decrypted_length, encoded);
char response_json[4096]={};
sprintf(response_json, "{\"response\":\"%s\"}", encoded);
debug(D_ACLK, "Password phase: %s",response_json);
// TODO - host
sprintf(url, "/api/v1/auth/node/%s/password", agent_id);
if(aclk_send_https_request("POST", aclk_hostname, port, url, data_buffer, NETDATA_WEB_RESPONSE_INITIAL_SIZE, response_json))
{
Reported by FlawFinder.
Line: 679
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
sprintf(response_json, "{\"response\":\"%s\"}", encoded);
debug(D_ACLK, "Password phase: %s",response_json);
// TODO - host
sprintf(url, "/api/v1/auth/node/%s/password", agent_id);
if(aclk_send_https_request("POST", aclk_hostname, port, url, data_buffer, NETDATA_WEB_RESPONSE_INITIAL_SIZE, response_json))
{
error("Challenge-response failed: %s", data_buffer);
goto CLEANUP;
}
Reported by FlawFinder.
Line: 156
Column: 9
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
unsigned long int delay;
if (!mode || fail == -1) {
srandom(time(NULL));
fail = mode - 1;
return 0;
}
delay = (1 << fail);
Reported by FlawFinder.
Line: 168
Column: 19
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
} else {
fail++;
delay *= 1000;
delay += (random() % (MAX(1000, delay/2)));
}
return delay;
}
Reported by FlawFinder.
Line: 108
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (aclk_private_key != NULL)
RSA_free(aclk_private_key);
aclk_private_key = NULL;
char filename[FILENAME_MAX + 1];
snprintfz(filename, FILENAME_MAX, "%s/cloud.d/private.pem", netdata_configured_varlib_dir);
long bytes_read;
char *private_key = read_by_filename(filename, &bytes_read);
if (!private_key) {
Reported by FlawFinder.
Line: 132
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
freez(private_key);
return 0;
}
char err[512];
ERR_error_string_n(ERR_get_error(), err, sizeof(err));
error("Claimed agent cannot establish ACLK - cannot create private key: %s", err);
biofailed:
freez(private_key);
Reported by FlawFinder.
Line: 189
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (global_base_topic)
freez(global_base_topic);
char tmp_topic[ACLK_MAX_TOPIC + 1], *tmp;
snprintf(tmp_topic, ACLK_MAX_TOPIC, ACLK_TOPIC_STRUCTURE, agent_id);
tmp = strchr(tmp_topic, '\n');
if (unlikely(tmp))
*tmp = '\0';
Reported by FlawFinder.
collectors/python.d.plugin/couchdb/couchdb.chart.py
25 issues
Line: 17
Column: 1
except ImportError:
from Queue import Queue
from bases.FrameworkServices.UrlService import UrlService
update_every = 1
METHODS = namedtuple('METHODS', ['get_data', 'url', 'stats'])
Reported by Pylint.
Line: 257
Column: 9
except gaierror as error:
self.error(str(error))
return False
self.url = '{scheme}://{host}:{port}'.format(scheme=self.scheme,
host=self.host,
port=self.port)
stats = self.url + '/_node/{node}/_stats'.format(node=self.node)
active_tasks = self.url + '/_active_tasks'
system = self.url + '/_node/{node}/_system'.format(node=self.node)
Reported by Pylint.
Line: 263
Column: 9
stats = self.url + '/_node/{node}/_stats'.format(node=self.node)
active_tasks = self.url + '/_active_tasks'
system = self.url + '/_node/{node}/_system'.format(node=self.node)
self.methods = [METHODS(get_data=self._get_overview_stats,
url=stats,
stats=OVERVIEW_STATS),
METHODS(get_data=self._get_active_tasks_stats,
url=active_tasks,
stats=None),
Reported by Pylint.
Line: 276
Column: 9
url=self.url,
stats=DB_STATS)]
# must initialise manager before using _get_raw_data
self._manager = self._build_manager()
self.dbs = [db for db in self.dbs
if self._get_raw_data(self.url + '/' + db)]
for db in self.dbs:
self.definitions['db_sizes_file']['lines'].append(
['db_' + db + '_sizes_file', db, 'absolute', 1, 1000]
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: couchdb netdata python.d module
# Author: wohali <wohali@apache.org>
# Thanks to ilyam8 for good examples :)
# SPDX-License-Identifier: GPL-3.0-or-later
from collections import namedtuple, defaultdict
from json import loads
from socket import gethostbyname, gaierror
Reported by Pylint.
Line: 19
Column: 1
from bases.FrameworkServices.UrlService import UrlService
update_every = 1
METHODS = namedtuple('METHODS', ['get_data', 'url', 'stats'])
OVERVIEW_STATS = [
'couchdb.database_reads.value',
Reported by Pylint.
Line: 158
Column: 1
]
},
'active_tasks': {
'options': [None, 'Active task breakdown', 'tasks', 'ops', 'couchdb.active_tasks', 'stacked'],
'lines': [
['activetasks_indexer', 'Indexer', 'absolute'],
['activetasks_database_compaction', 'DB Compaction', 'absolute'],
['activetasks_replication', 'Replication', 'absolute'],
['activetasks_view_compaction', 'View Compaction', 'absolute']
Reported by Pylint.
Line: 167
Column: 1
]
},
'replicator_jobs': {
'options': [None, 'Replicator job breakdown', 'jobs', 'ops', 'couchdb.replicator_jobs', 'stacked'],
'lines': [
['couch_replicator_jobs_running', 'Running', 'absolute'],
['couch_replicator_jobs_pending', 'Pending', 'absolute'],
['couch_replicator_jobs_crashed', 'Crashed', 'absolute'],
['internal_replication_jobs', 'Internal replication jobs',
Reported by Pylint.
Line: 177
Column: 1
]
},
'erlang_memory': {
'options': [None, 'Erlang VM memory usage', 'B', 'erlang', 'couchdb.erlang_vm_memory', 'stacked'],
'lines': [
['memory_atom', 'atom', 'absolute'],
['memory_binary', 'binaries', 'absolute'],
['memory_code', 'code', 'absolute'],
['memory_ets', 'ets', 'absolute'],
Reported by Pylint.
Line: 209
Column: 1
},
# Lines for the following are added as part of check()
'db_sizes_file': {
'options': [None, 'Database sizes (file)', 'KiB', 'perdbstats', 'couchdb.db_sizes_file', 'line'],
'lines': []
},
'db_sizes_external': {
'options': [None, 'Database sizes (external)', 'KiB', 'perdbstats', 'couchdb.db_sizes_external', 'line'],
'lines': []
Reported by Pylint.
collectors/python.d.plugin/changefinder/changefinder.chart.py
24 issues
Line: 9
Column: 1
from json import loads
import re
from bases.FrameworkServices.UrlService import UrlService
import numpy as np
import changefinder
from scipy.stats import percentileofscore
Reported by Pylint.
Line: 12
Column: 1
from bases.FrameworkServices.UrlService import UrlService
import numpy as np
import changefinder
from scipy.stats import percentileofscore
update_every = 5
disabled_by_default = True
Reported by Pylint.
Line: 13
Column: 1
import numpy as np
import changefinder
from scipy.stats import percentileofscore
update_every = 5
disabled_by_default = True
ORDER = [
Reported by Pylint.
Line: 83
Column: 16
try:
score = self.models[model].update(x)
self.scores_latest[model] = score
except Exception as _:
score = self.scores_latest.get(model, 0)
score = 0 if np.isnan(score) else score
# update sample scores used to calculate percentiles
if model in self.scores_samples:
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: changefinder netdata python.d module
# Author: andrewm4894
# SPDX-License-Identifier: GPL-3.0-or-later
from json import loads
import re
from bases.FrameworkServices.UrlService import UrlService
Reported by Pylint.
Line: 13
Column: 1
import numpy as np
import changefinder
from scipy.stats import percentileofscore
update_every = 5
disabled_by_default = True
ORDER = [
Reported by Pylint.
Line: 15
Column: 1
import changefinder
from scipy.stats import percentileofscore
update_every = 5
disabled_by_default = True
ORDER = [
'scores',
'flags'
Reported by Pylint.
Line: 16
Column: 1
from scipy.stats import percentileofscore
update_every = 5
disabled_by_default = True
ORDER = [
'scores',
'flags'
]
Reported by Pylint.
Line: 47
Column: 1
DEFAULT_SHOW_SCORES = False
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.protocol = self.configuration.get('protocol', DEFAULT_PROTOCOL)
Reported by Pylint.
Line: 47
Column: 1
DEFAULT_SHOW_SCORES = False
class Service(UrlService):
def __init__(self, configuration=None, name=None):
UrlService.__init__(self, configuration=configuration, name=name)
self.order = ORDER
self.definitions = CHARTS
self.protocol = self.configuration.get('protocol', DEFAULT_PROTOCOL)
Reported by Pylint.
collectors/python.d.plugin/python_modules/pyyaml3/reader.py
24 issues
Line: 21
Column: 1
__all__ = ['Reader', 'ReaderError']
from .error import YAMLError, Mark
import codecs, re
class ReaderError(YAMLError):
Reported by Pylint.
Line: 165
Column: 21
position = self.stream_pointer-len(self.raw_buffer)+exc.start
else:
position = exc.start
raise ReaderError(self.name, position, character,
exc.encoding, exc.reason)
else:
data = self.raw_buffer
converted = len(data)
self.check_printable(data)
Reported by Pylint.
Line: 1
Column: 1
# SPDX-License-Identifier: MIT
# This module contains abstractions for the input stream. You don't have to
# looks further, there are no pretty code.
#
# We define two classes here.
#
# Mark(source, line, column)
# It's just a record and its only use is producing nice error messages.
# Parser does not use it for any other purposes.
Reported by Pylint.
Line: 23
Column: 1
from .error import YAMLError, Mark
import codecs, re
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
Reported by Pylint.
Line: 23
Column: 1
from .error import YAMLError, Mark
import codecs, re
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
Reported by Pylint.
Line: 23
Column: 1
from .error import YAMLError, Mark
import codecs, re
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
Reported by Pylint.
Line: 25
Column: 1
import codecs, re
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
self.character = character
self.position = position
Reported by Pylint.
Line: 25
Column: 1
import codecs, re
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
self.character = character
self.position = position
Reported by Pylint.
Line: 27
Column: 5
class ReaderError(YAMLError):
def __init__(self, name, position, character, encoding, reason):
self.name = name
self.character = character
self.position = position
self.encoding = encoding
self.reason = reason
Reported by Pylint.
Line: 35
Column: 9
self.reason = reason
def __str__(self):
if isinstance(self.character, bytes):
return "'%s' codec can't decode byte #x%02x: %s\n" \
" in \"%s\", position %d" \
% (self.encoding, ord(self.character), self.reason,
self.name, self.position)
else:
Reported by Pylint.
collectors/python.d.plugin/dns_query_time/dns_query_time.chart.py
24 issues
Line: 24
Column: 1
except ImportError:
from Queue import Queue
from bases.FrameworkServices.SimpleService import SimpleService
update_every = 5
class Service(SimpleService):
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: dns_query_time netdata python.d module
# Author: ilyam8
# SPDX-License-Identifier: GPL-3.0-or-later
from random import choice
from socket import getaddrinfo, gaierror
from threading import Thread
Reported by Pylint.
Line: 26
Column: 1
from bases.FrameworkServices.SimpleService import SimpleService
update_every = 5
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
Reported by Pylint.
Line: 29
Column: 1
update_every = 5
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
self.order = list()
self.definitions = dict()
self.timeout = self.configuration.get('response_timeout', 4)
Reported by Pylint.
Line: 29
Column: 1
update_every = 5
class Service(SimpleService):
def __init__(self, configuration=None, name=None):
SimpleService.__init__(self, configuration=configuration, name=name)
self.order = list()
self.definitions = dict()
self.timeout = self.configuration.get('response_timeout', 4)
Reported by Pylint.
Line: 39
Column: 5
self.domains = self.configuration.get('domains')
self.server_list = self.configuration.get('dns_servers')
def check(self):
if not DNS_PYTHON:
self.error("'python-dnspython' package is needed to use dns_query_time.chart.py")
return False
self.timeout = self.timeout if isinstance(self.timeout, int) else 4
Reported by Pylint.
Line: 46
Column: 9
self.timeout = self.timeout if isinstance(self.timeout, int) else 4
if not all([self.domains, self.server_list,
isinstance(self.server_list, str), isinstance(self.domains, str)]):
self.error("server_list and domain_list can't be empty")
return False
else:
self.domains, self.server_list = self.domains.split(), self.server_list.split()
Reported by Pylint.
Line: 53
Column: 13
else:
self.domains, self.server_list = self.domains.split(), self.server_list.split()
for ns in self.server_list:
if not check_ns(ns):
self.info('Bad NS: %s' % ns)
self.server_list.remove(ns)
if not self.server_list:
return False
Reported by Pylint.
Line: 70
Column: 1
if not self.server_list:
return False
self.order, self.definitions = create_charts(aggregate=self.aggregate, server_list=self.server_list)
return True
def _get_data(self, timeout=None):
return dns_request(self.server_list, timeout or self.timeout, self.domains)
Reported by Pylint.
Line: 77
Column: 1
return dns_request(self.server_list, timeout or self.timeout, self.domains)
def dns_request(server_list, timeout, domains):
threads = list()
que = Queue()
result = dict()
def dns_req(ns, t, q):
Reported by Pylint.
web/api/tests/web_api.c
22 issues
Line: 141
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
size_t cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, " DEBUG: ");
cur = strlen(log_buffer);
vsnprintf(log_buffer + cur, sizeof(log_buffer) - cur, fmt, args);
cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, "\n");
va_end(args);
}
Reported by FlawFinder.
Line: 157
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
size_t cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, " INFO: ");
cur = strlen(log_buffer);
vsnprintf(log_buffer + cur, sizeof(log_buffer) - cur, fmt, args);
cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, "\n");
va_end(args);
}
Reported by FlawFinder.
Line: 175
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
size_t cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, " ERROR: ");
cur = strlen(log_buffer);
vsnprintf(log_buffer + cur, sizeof(log_buffer) - cur, fmt, args);
cur = strlen(log_buffer);
snprintf(log_buffer + cur, sizeof(log_buffer) - cur, "\n");
va_end(args);
}
Reported by FlawFinder.
Line: 189
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args;
va_start(args, fmt);
printf("FATAL: ");
vprintf(fmt, args);
printf("\n");
va_end(args);
fail();
}
Reported by FlawFinder.
Line: 87
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int __wrap_web_client_api_request_v1(RRDHOST *host, struct web_client *w, char *url)
{
char url_repr[160];
repr(url_repr, sizeof(url_repr), url, strlen(url));
info("web_client_api_request_v1(url=\"%s\")\n", url_repr);
check_expected_ptr(host);
check_expected_ptr(w);
check_expected_ptr(url_repr);
Reported by FlawFinder.
Line: 130
Column: 1
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// -------------------------------- Mocking the log - capture per-test ------------------------------------------------
char log_buffer[10240] = { 0 };
void __wrap_debug_int(const char *file, const char *function, const unsigned long line, const char *fmt, ...)
{
(void)file;
(void)function;
(void)line;
Reported by FlawFinder.
Line: 278
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct test_def {
size_t num_headers; // Index coordinate
size_t prefix_len; // Index coordinate
char name[80];
size_t full_len;
struct web_client *instance; // Used within this single test
bool completed, use_cr;
struct test_def *next, *prev;
};
Reported by FlawFinder.
Line: 304
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
build_request(def->instance->response.data, "/api/v1/info", def->use_cr, def->num_headers);
def->instance->response.data->len = def->prefix_len;
char buffer_repr[1024];
repr(buffer_repr, sizeof(buffer_repr), def->instance->response.data->buffer,def->prefix_len);
info("Buffer contains: %s [first %zu]", buffer_repr,def->prefix_len);
if (def->prefix_len == def->full_len) {
expect_value(__wrap_web_client_api_request_v1, host, localhost);
expect_value(__wrap_web_client_api_request_v1, w, def->instance);
Reported by FlawFinder.
Line: 351
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
current->next = NULL;
current->use_cr = true;
current->completed = false;
sprintf(
current->name, "/api/v1/info@%zu,%zu/%zu+%d", current->num_headers, current->prefix_len,
current->full_len,true);
num_tests++;
}
}
Reported by FlawFinder.
Line: 377
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
current->next = NULL;
current->use_cr = false;
current->completed = false;
sprintf(
current->name, "/api/v1/info@%zu,%zu/%zu+%d", current->num_headers, current->prefix_len,
current->full_len,false);
num_tests++;
}
}
Reported by FlawFinder.
collectors/python.d.plugin/ntpd/ntpd.chart.py
21 issues
Line: 10
Column: 1
import re
import struct
from bases.FrameworkServices.SocketService import SocketService
# NTP Control Message Protocol constants
MODE = 6
HEADER_FORMAT = '!BBHHHHH'
HEADER_LEN = 12
Reported by Pylint.
Line: 255
Column: 13
peer_filter = self.configuration.get('peer_filter', r'127\..*')
try:
self.peer_filter = re.compile(r'^((0\.0\.0\.0)|({0}))$'.format(peer_filter))
except re.error as error:
self.error('Compile pattern error (peer_filter) : {0}'.format(error))
return None
self.request = self.system.request
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: ntpd netdata python.d module
# Author: Sven Mäder (rda0)
# Author: Ilya Mashchenko (ilyam8)
# SPDX-License-Identifier: GPL-3.0-or-later
import re
import struct
Reported by Pylint.
Line: 67
Column: 1
]
},
'sys_frequency': {
'options': [None, 'Frequency offset relative to hardware clock', 'ppm', 'system', 'ntpd.sys_frequency', 'area'],
'lines': [
['frequency', 'frequency', 'absolute', 1, PRECISION]
]
},
'sys_wander': {
Reported by Pylint.
Line: 79
Column: 1
]
},
'sys_rootdelay': {
'options': [None, 'Total roundtrip delay to the primary reference clock', 'milliseconds', 'system',
'ntpd.sys_rootdelay', 'area'],
'lines': [
['rootdelay', 'delay', 'absolute', 1, PRECISION]
]
},
Reported by Pylint.
Line: 86
Column: 1
]
},
'sys_rootdisp': {
'options': [None, 'Total root dispersion to the primary reference clock', 'milliseconds', 'system',
'ntpd.sys_rootdisp', 'area'],
'lines': [
['rootdisp', 'dispersion', 'absolute', 1, PRECISION]
]
},
Reported by Pylint.
Line: 99
Column: 1
]
},
'sys_tc': {
'options': [None, 'Time constant and poll exponent (3-17)', 'log2 s', 'system', 'ntpd.sys_tc', 'line'],
'lines': [
['tc', 'current', 'absolute', 1, PRECISION],
['mintc', 'minimum', 'absolute', 1, PRECISION]
]
},
Reported by Pylint.
Line: 123
Column: 1
'lines': []
},
'peer_dispersion': {
'options': [None, 'Filter dispersion', 'milliseconds', 'peers', 'ntpd.peer_dispersion', 'line'],
'lines': []
},
'peer_jitter': {
'options': [None, 'Filter jitter', 'milliseconds', 'peers', 'ntpd.peer_jitter', 'line'],
'lines': []
Reported by Pylint.
Line: 135
Column: 1
'lines': []
},
'peer_rootdelay': {
'options': [None, 'Total roundtrip delay to the primary reference clock', 'milliseconds', 'peers',
'ntpd.peer_rootdelay', 'line'],
'lines': []
},
'peer_rootdisp': {
'options': [None, 'Total root dispersion to the primary reference clock', 'ms', 'peers',
Reported by Pylint.
Line: 171
Column: 1
}
class Base:
regex = re.compile(r'([a-z_]+)=((?:-)?[0-9]+(?:\.[0-9]+)?)')
@staticmethod
def get_header(associd=0, operation='readvar'):
"""
Reported by Pylint.
collectors/python.d.plugin/powerdns/powerdns.chart.py
21 issues
Line: 9
Column: 1
from json import loads
from bases.FrameworkServices.UrlService import UrlService
ORDER = [
'questions',
'cache_usage',
'cache_size',
Reported by Pylint.
Line: 130
Column: 9
self.url = configuration.get('url', 'http://127.0.0.1:8081/api/v1/servers/localhost/statistics')
def check(self):
self._manager = self._build_manager()
if not self._manager:
return None
d = self._get_data()
if not d:
Reported by Pylint.
Line: 141
Column: 13
if is_recursor(d):
self.order = RECURSOR_ORDER
self.definitions = RECURSOR_CHARTS
self.module_name = 'powerdns_recursor'
return True
def _get_data(self):
data = self._get_raw_data()
Reported by Pylint.
Line: 1
Column: 1
# -*- coding: utf-8 -*-
# Description: powerdns netdata python.d module
# Author: Ilya Mashchenko (ilyam8)
# Author: Luke Whitworth
# SPDX-License-Identifier: GPL-3.0-or-later
from json import loads
from bases.FrameworkServices.UrlService import UrlService
Reported by Pylint.
Line: 20
Column: 1
CHARTS = {
'questions': {
'options': [None, 'PowerDNS Queries and Answers', 'count', 'questions', 'powerdns.questions', 'line'],
'lines': [
['udp-queries', None, 'incremental'],
['udp-answers', None, 'incremental'],
['tcp-queries', None, 'incremental'],
['tcp-answers', None, 'incremental']
Reported by Pylint.
Line: 47
Column: 1
]
},
'latency': {
'options': [None, 'PowerDNS Latency', 'microseconds', 'latency', 'powerdns.latency', 'line'],
'lines': [
['latency', None, 'absolute']
]
}
}
Reported by Pylint.
Line: 54
Column: 1
}
}
RECURSOR_ORDER = ['questions-in', 'questions-out', 'answer-times', 'timeouts', 'drops', 'cache_usage', 'cache_size']
RECURSOR_CHARTS = {
'questions-in': {
'options': [None, 'PowerDNS Recursor Questions In', 'count', 'questions', 'powerdns_recursor.questions-in',
'line'],
Reported by Pylint.
Line: 58
Column: 1
RECURSOR_CHARTS = {
'questions-in': {
'options': [None, 'PowerDNS Recursor Questions In', 'count', 'questions', 'powerdns_recursor.questions-in',
'line'],
'lines': [
['questions', None, 'incremental'],
['ipv6-questions', None, 'incremental'],
['tcp-questions', None, 'incremental']
Reported by Pylint.
Line: 67
Column: 1
]
},
'questions-out': {
'options': [None, 'PowerDNS Recursor Questions Out', 'count', 'questions', 'powerdns_recursor.questions-out',
'line'],
'lines': [
['all-outqueries', None, 'incremental'],
['ipv6-outqueries', None, 'incremental'],
['tcp-outqueries', None, 'incremental'],
Reported by Pylint.
Line: 77
Column: 1
]
},
'answer-times': {
'options': [None, 'PowerDNS Recursor Answer Times', 'count', 'performance', 'powerdns_recursor.answer-times',
'line'],
'lines': [
['answers-slow', None, 'incremental'],
['answers0-1', None, 'incremental'],
['answers1-10', None, 'incremental'],
Reported by Pylint.