The following issues were found
tests/libtest/lib1915.c
3 issues
Line: 50
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
host = preload_hosts[s->index++];
if(host && (strlen(host) < e->namelen)) {
strcpy(e->name, host);
e->includeSubDomains = FALSE;
strcpy(e->expire, "20370320 01:02:03"); /* curl turns 39 that day
just before 31-bit time_t overflow */
fprintf(stderr, "add '%s'\n", host);
}
Reported by FlawFinder.
Line: 52
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if(host && (strlen(host) < e->namelen)) {
strcpy(e->name, host);
e->includeSubDomains = FALSE;
strcpy(e->expire, "20370320 01:02:03"); /* curl turns 39 that day
just before 31-bit time_t overflow */
fprintf(stderr, "add '%s'\n", host);
}
else
return CURLSTS_DONE;
Reported by FlawFinder.
Line: 49
Column: 15
CWE codes:
126
(void)easy;
host = preload_hosts[s->index++];
if(host && (strlen(host) < e->namelen)) {
strcpy(e->name, host);
e->includeSubDomains = FALSE;
strcpy(e->expire, "20370320 01:02:03"); /* curl turns 39 that day
just before 31-bit time_t overflow */
fprintf(stderr, "add '%s'\n", host);
Reported by FlawFinder.
tests/libtest/lib553.c
3 issues
Line: 36
Column: 10
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static size_t myreadfunc(char *ptr, size_t size, size_t nmemb, void *stream)
{
static size_t total = POSTLEN;
static char buf[1024];
(void)stream;
memset(buf, 'A', sizeof(buf));
size *= nmemb;
Reported by FlawFinder.
Line: 48
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if(size > sizeof(buf))
size = sizeof(buf);
memcpy(ptr, buf, size);
total -= size;
return size;
}
#define NUM_HEADERS 8
Reported by FlawFinder.
Line: 56
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define NUM_HEADERS 8
#define SIZE_HEADERS 5000
static char buf[SIZE_HEADERS + 100];
int test(char *URL)
{
CURL *curl;
CURLcode res = CURLE_FAILED_INIT;
Reported by FlawFinder.
tests/libtest/lib579.c
3 issues
Line: 55
Column: 17
CWE codes:
362
if((prev_ultotal != (int)ultotal) ||
(prev_ulnow != (int)ulnow)) {
FILE *moo = fopen(libtest_arg2, "ab");
if(moo) {
fprintf(moo, "Progress callback called with UL %d out of %d\n",
(int)ulnow, (int)ultotal);
fclose(moo);
}
Reported by FlawFinder.
Line: 79
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
pooh->counter++; /* advance pointer */
return len;
}
return 0; /* no more data left to deliver */
}
Reported by FlawFinder.
Line: 78
Column: 18
CWE codes:
126
data = post[pooh->counter];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
pooh->counter++; /* advance pointer */
return len;
}
return 0; /* no more data left to deliver */
Reported by FlawFinder.
tests/libtest/lib650.c
3 issues
Line: 64
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct curl_httppost *lastptr = NULL;
struct curl_forms formarray[3];
size_t formlength = 0;
char flbuf[32];
long contentlength = 0;
if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
fprintf(stderr, "curl_global_init() failed\n");
return TEST_ERR_MAJOR_BAD;
Reported by FlawFinder.
Line: 98
Column: 26
CWE codes:
126
goto test_cleanup;
}
contentlength = (long)(strlen(data) - 1);
/* Use a form array for the non-copy test. */
formarray[0].option = CURLFORM_PTRCONTENTS;
formarray[0].value = data;
formarray[1].option = CURLFORM_CONTENTSLENGTH;
Reported by FlawFinder.
Line: 110
Column: 46
CWE codes:
126
formrc = curl_formadd(&formpost,
&lastptr,
CURLFORM_PTRNAME, name,
CURLFORM_NAMELENGTH, strlen(name) - 1,
CURLFORM_ARRAY, formarray,
CURLFORM_FILENAME, "remotefile.txt",
CURLFORM_END);
if(formrc) {
Reported by FlawFinder.
tests/unit/unit1304.c
3 issues
Line: 28
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static char *login;
static char *password;
static char filename[64];
static CURLcode unit_setup(void)
{
password = strdup("");
login = strdup("");
Reported by FlawFinder.
Line: 54
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
bool password_changed;
static const char * const filename1 = "log/netrc1304";
memcpy(filename, filename1, strlen(filename1));
/*
* Test a non existent host in our netrc file.
*/
result = Curl_parsenetrc("test.example.com", &login, &password,
Reported by FlawFinder.
Line: 54
Column: 31
CWE codes:
126
bool password_changed;
static const char * const filename1 = "log/netrc1304";
memcpy(filename, filename1, strlen(filename1));
/*
* Test a non existent host in our netrc file.
*/
result = Curl_parsenetrc("test.example.com", &login, &password,
Reported by FlawFinder.
tests/unit/unit1601.c
3 issues
Line: 41
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifndef CURL_DISABLE_CRYPTO_AUTH
const char string1[] = "1";
const char string2[] = "hello-you-fool";
unsigned char output[MD5_DIGEST_LEN];
unsigned char *testp = output;
Curl_md5it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp, "\xc4\xca\x42\x38\xa0\xb9\x23\x82\x0d\xcc\x50\x9a\x6f"
Reported by FlawFinder.
Line: 44
Column: 55
CWE codes:
126
unsigned char output[MD5_DIGEST_LEN];
unsigned char *testp = output;
Curl_md5it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp, "\xc4\xca\x42\x38\xa0\xb9\x23\x82\x0d\xcc\x50\x9a\x6f"
"\x75\x84\x9b", MD5_DIGEST_LEN);
Curl_md5it(output, (const unsigned char *) string2, strlen(string2));
Reported by FlawFinder.
Line: 49
Column: 55
CWE codes:
126
verify_memory(testp, "\xc4\xca\x42\x38\xa0\xb9\x23\x82\x0d\xcc\x50\x9a\x6f"
"\x75\x84\x9b", MD5_DIGEST_LEN);
Curl_md5it(output, (const unsigned char *) string2, strlen(string2));
verify_memory(testp, "\x88\x67\x0b\x6d\x5d\x74\x2f\xad\xa5\xcd\xf9\xb6\x82"
"\x87\x5f\x22", MD5_DIGEST_LEN);
#endif
Reported by FlawFinder.
tests/unit/unit1607.c
3 issues
Line: 56
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool permanent;
/* 0 to 9 addresses expected from hostcache */
const char *address[10];
};
/* In builds without IPv6 support CURLOPT_RESOLVE should skip over those
addresses, so we have to do that as well. */
Reported by FlawFinder.
Line: 149
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for(j = 0; j < addressnum; ++j) {
int port = 0;
char ipaddress[MAX_IPADR_LEN] = {0};
if(!addr && !tests[i].address[j])
break;
if(tests[i].address[j] == &skip)
Reported by FlawFinder.
Line: 141
Column: 57
CWE codes:
126
entry_id = (void *)aprintf("%s:%d", tests[i].host, tests[i].port);
if(!entry_id)
goto error;
dns = Curl_hash_pick(easy->dns.hostcache, entry_id, strlen(entry_id) + 1);
free(entry_id);
entry_id = NULL;
addr = dns ? dns->addr : NULL;
Reported by FlawFinder.
tests/unit/unit1609.c
3 issues
Line: 53
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int port;
/* 0 to 9 addresses expected from hostcache */
const char *address[10];
};
/* CURLOPT_RESOLVE address parsing test - to test the following defect fix:
Reported by FlawFinder.
Line: 151
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for(j = 0; j < addressnum; ++j) {
int port = 0;
char ipaddress[MAX_IPADR_LEN] = {0};
if(!addr && !tests[i].address[j])
break;
if(addr && !Curl_addr2string(addr->ai_addr, addr->ai_addrlen,
Reported by FlawFinder.
Line: 143
Column: 57
CWE codes:
126
if(!entry_id)
goto error;
dns = Curl_hash_pick(easy->dns.hostcache, entry_id, strlen(entry_id) + 1);
free(entry_id);
entry_id = NULL;
addr = dns ? dns->addr : NULL;
Reported by FlawFinder.
tests/unit/unit1610.c
3 issues
Line: 41
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifndef CURL_DISABLE_CRYPTO_AUTH
const char string1[] = "1";
const char string2[] = "hello-you-fool";
unsigned char output[SHA256_DIGEST_LENGTH];
unsigned char *testp = output;
Curl_sha256it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp,
Reported by FlawFinder.
Line: 44
Column: 58
CWE codes:
126
unsigned char output[SHA256_DIGEST_LENGTH];
unsigned char *testp = output;
Curl_sha256it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp,
"\x6b\x86\xb2\x73\xff\x34\xfc\xe1\x9d\x6b\x80\x4e\xff\x5a\x3f"
"\x57\x47\xad\xa4\xea\xa2\x2f\x1d\x49\xc0\x1e\x52\xdd\xb7\x87"
"\x5b\x4b", SHA256_DIGEST_LENGTH);
Reported by FlawFinder.
Line: 51
Column: 58
CWE codes:
126
"\x57\x47\xad\xa4\xea\xa2\x2f\x1d\x49\xc0\x1e\x52\xdd\xb7\x87"
"\x5b\x4b", SHA256_DIGEST_LENGTH);
Curl_sha256it(output, (const unsigned char *) string2, strlen(string2));
verify_memory(testp,
"\xcb\xb1\x6a\x8a\xb9\xcb\xb9\x35\xa8\xcb\xa0\x2e\x28\xc0\x26"
"\x30\xd1\x19\x9c\x1f\x02\x17\xf4\x7c\x96\x20\xf3\xef\xe8\x27"
"\x15\xae", SHA256_DIGEST_LENGTH);
Reported by FlawFinder.
tests/unit/unit1611.c
3 issues
Line: 41
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifndef CURL_DISABLE_CRYPTO_AUTH
const char string1[] = "1";
const char string2[] = "hello-you-fool";
unsigned char output[MD4_DIGEST_LENGTH];
unsigned char *testp = output;
Curl_md4it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp,
Reported by FlawFinder.
Line: 44
Column: 55
CWE codes:
126
unsigned char output[MD4_DIGEST_LENGTH];
unsigned char *testp = output;
Curl_md4it(output, (const unsigned char *) string1, strlen(string1));
verify_memory(testp,
"\x8b\xe1\xec\x69\x7b\x14\xad\x3a\x53\xb3\x71\x43\x61\x20\x64"
"\x1d", MD4_DIGEST_LENGTH);
Reported by FlawFinder.
Line: 50
Column: 55
CWE codes:
126
"\x8b\xe1\xec\x69\x7b\x14\xad\x3a\x53\xb3\x71\x43\x61\x20\x64"
"\x1d", MD4_DIGEST_LENGTH);
Curl_md4it(output, (const unsigned char *) string2, strlen(string2));
verify_memory(testp,
"\xa7\x16\x1c\xad\x7e\xbe\xdb\xbc\xf8\xc7\x23\x10\x2d\x2c\xe2"
"\x0b", MD4_DIGEST_LENGTH);
#endif
Reported by FlawFinder.