The following issues were found
tests/libtest/lib678.c
1 issues
Line: 33
Column: 21
CWE codes:
362
size_t datasize = 0;
void *data = NULL;
if(filename) {
FILE *fInCert = fopen(filename, "rb");
if(fInCert) {
long cert_tell = 0;
bool continue_reading = fseek(fInCert, 0, SEEK_END) == 0;
if(continue_reading)
Reported by FlawFinder.
tests/libtest/libauthretry.c
1 issues
Line: 34
Column: 16
CWE codes:
126
long auth_scheme, const char *userpwd)
{
CURLcode res;
size_t len = strlen(url) + 4 + 1;
char *full_url = malloc(len);
if(!full_url) {
fprintf(stderr, "Not enough memory for full url\n");
return CURLE_OUT_OF_MEMORY;
}
Reported by FlawFinder.
tests/libtest/libntlmconnect.c
1 issues
Line: 95
Column: 19
CWE codes:
126
int i;
int num_handles = 0;
enum HandleState state = ReadyForNewHandle;
size_t urllen = strlen(url) + 4 + 1;
char *full_url = malloc(urllen);
start_test_timing();
if(!full_url) {
Reported by FlawFinder.
tests/libtest/testtrace.c
1 issues
Line: 93
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct libtest_trace_cfg *trace_cfg = userp;
const char *text;
struct timeval tv;
char timebuf[20];
char *timestr;
time_t secs;
(void)handle;
Reported by FlawFinder.
docs/examples/httpput.c
1 issues
Line: 81
Column: 12
CWE codes:
362
/* get a FILE * of the same file, could also be made with
fdopen() from the previous descriptor, but hey this is just
an example! */
hd_src = fopen(file, "rb");
/* In windows, this will init the winsock stuff */
curl_global_init(CURL_GLOBAL_ALL);
/* get a curl handle */
Reported by FlawFinder.
docs/examples/http2-pushinmemory.c
1 issues
Line: 55
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
mem->memory = ptr;
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
Reported by FlawFinder.
docs/examples/htmltitle.cpp
1 issues
Line: 65
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
//
// libcurl variables for error strings and returned data
static char errorBuffer[CURL_ERROR_SIZE];
static std::string buffer;
//
// libcurl write callback function
//
Reported by FlawFinder.
docs/examples/getinmemory.c
1 issues
Line: 53
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
mem->memory = ptr;
memcpy(&(mem->memory[mem->size]), contents, realsize);
mem->size += realsize;
mem->memory[mem->size] = 0;
return realsize;
}
Reported by FlawFinder.
docs/examples/ftpuploadresume.c
1 issues
Line: 76
Column: 7
CWE codes:
362
CURLcode r = CURLE_GOT_NOTHING;
int c;
f = fopen(localpath, "rb");
if(!f) {
perror(NULL);
return 0;
}
Reported by FlawFinder.
tests/server/tftp.h
1 issues
Line: 45
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct tftphdr {
short th_opcode; /* packet type */
unsigned short th_block; /* all sorts of things */
char th_data[1]; /* data or error string */
} PACKED_STRUCT;
#define th_stuff th_block
#define th_code th_block
#define th_msg th_data
Reported by FlawFinder.