The following issues were found
src/tool_vms.c
1 issues
Line: 56
Column: 11
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if(vms_shell >= 0)
return vms_shell;
shell = getenv("SHELL");
/* No shell, means DCL */
if(!shell) {
vms_shell = 1;
return 1;
Reported by FlawFinder.
src/tool_writeout_json.c
1 issues
Line: 36
Column: 29
CWE codes:
126
void jsonWriteString(FILE *stream, const char *in)
{
const char *i = in;
const char *in_end = in + strlen(in);
for(; i < in_end; i++) {
switch(*i) {
case '\\':
fputs("\\\\", stream);
Reported by FlawFinder.
docs/examples/fileupload.c
1 issues
Line: 39
Column: 8
CWE codes:
362
curl_off_t speed_upload, total_time;
FILE *fd;
fd = fopen("debugit", "rb"); /* open file to upload */
if(!fd)
return 1; /* can't continue */
/* to get the file size */
if(fstat(fileno(fd), &file_info) != 0)
Reported by FlawFinder.
tests/libtest/chkdecimalpoint.c
1 issues
Line: 32
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int main(void)
{
char zero[TOTAL_STR_LEN] = {'\0'};
int chars;
setlocale(LC_NUMERIC, "");
chars = msnprintf(zero, TOTAL_STR_LEN, "%.1f", 0.0);
if((chars == (TOTAL_STR_LEN - 1)) && (strcmp(zero, "0.0") == 0))
Reported by FlawFinder.
tests/libtest/chkhostname.c
1 issues
Line: 30
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int main(int argc, char *argv[])
{
char buff[HOSTNAME_MAX];
if(argc != 2) {
printf("Usage: %s EXPECTED_HOSTNAME\n", argv[0]);
return 1;
}
Reported by FlawFinder.
tests/libtest/lib1156.c
1 issues
Line: 89
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
CURLcode res;
unsigned int replyselector;
char urlbuf[256];
replyselector = (p->flags & F_CONTENTRANGE)? 1: 0;
if(p->flags & F_HTTP416)
replyselector += 2;
msnprintf(urlbuf, sizeof(urlbuf), "%s%04u", url, replyselector);
Reported by FlawFinder.
tests/libtest/lib1502.c
1 issues
Line: 48
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int still_running;
int res = 0;
char redirect[160];
/* DNS cache injection */
struct curl_slist *dns_cache_list;
res_global_init(CURL_GLOBAL_ALL);
Reported by FlawFinder.
tests/libtest/lib1522.c
1 issues
Line: 31
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#include "warnless.h"
#include "memdebug.h"
static char g_Data[40 * 1024]; /* POST 40KB */
static int sockopt_callback(void *clientp, curl_socket_t curlfd,
curlsocktype purpose)
{
#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
Reported by FlawFinder.
tests/libtest/lib1523.c
1 issues
Line: 60
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
CURLcode ret;
CURL *hnd;
char buffer[CURL_ERROR_SIZE];
curl_global_init(CURL_GLOBAL_ALL);
hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_URL, URL);
curl_easy_setopt(hnd, CURLOPT_WRITEFUNCTION, write_cb);
curl_easy_setopt(hnd, CURLOPT_ERRORBUFFER, buffer);
Reported by FlawFinder.
docs/examples/smooth-gtk-thread.c
1 issues
Line: 87
Column: 23
CWE codes:
362
curl = curl_easy_init();
if(curl) {
FILE *outfile = fopen(urls[j], "wb");
/* Set the URL and transfer type */
curl_easy_setopt(curl, CURLOPT_URL, http);
/* Write to the file */
Reported by FlawFinder.