The following issues were found

src/os/unix/ngx_posix_init.c
1 issue
srandom - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 92 Column: 5 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

#endif

    tp = ngx_timeofday();
    srandom(((unsigned) ngx_pid << 16) ^ tp->sec ^ tp->msec);

    return NGX_OK;
}

Reported by FlawFinder.

Triage: the seed is (pid << 16) ^ sec ^ msec. Worker pids and start times are low-entropy and often observable (process listings, log timestamps), so the whole random() stream is enumerable by anyone who knows them roughly. That is acceptable for jitter and load distribution, not for anything an attacker must be unable to guess. Before closing this, check what consumes random() (ngx_random() in the tree): a consumer that needs unpredictability should draw from the kernel CSPRNG (getrandom(2) or /dev/urandom) or the TLS library's RNG instead of the seeded libc generator.

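Added example, not nginx code: the seed expression is the one on the flagged line, the pid and start time are constructed values, and the one-minute search window is an assumption about what an attacker could learn from a process listing or a log timestamp. The first half shows that two leaked outputs of random() recover the seed by brute force; the second half is the replacement a key or nonce consumer should call instead, drawing from getrandom(2) with a /dev/urandom fallback. Function names are this example's own.

```c
/* Added example (not nginx code): a pid/time seeded srandom() stream is
 * recoverable from a couple of outputs; keys and nonces need the kernel CSPRNG. */
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/random.h>
#endif

/* Same seed construction as the flagged line: (pid << 16) ^ sec ^ msec. */
unsigned nginx_style_seed(unsigned pid, unsigned sec, unsigned msec)
{
    return (pid << 16) ^ sec ^ msec;
}

/* Seed with srandom() and emit the first n outputs of random(). */
void seeded_sequence(unsigned seed, long *out, size_t n)
{
    srandom(seed);
    for (size_t i = 0; i < n; i++) {
        out[i] = random();
    }
}

/* Recover the seed from two observed random() outputs given the pid and a
 * window of candidate start seconds: (sec_hi - sec_lo + 1) * 1000 trials.
 * Returns 1 and stores the seed in *seed_out, or 0 if no candidate matches. */
int recover_seed(const long observed[2], unsigned pid,
                 unsigned sec_lo, unsigned sec_hi, unsigned *seed_out)
{
    long  trial[2];

    for (unsigned sec = sec_lo; sec <= sec_hi; sec++) {
        for (unsigned msec = 0; msec < 1000; msec++) {
            unsigned seed = nginx_style_seed(pid, sec, msec);
            seeded_sequence(seed, trial, 2);
            if (trial[0] == observed[0] && trial[1] == observed[1]) {
                *seed_out = seed;
                return 1;
            }
        }
    }
    return 0;
}

/* Fill buf with n bytes from the kernel CSPRNG: getrandom(2) where available,
 * /dev/urandom otherwise. Returns 0 on success, -1 on failure (never a short fill). */
int secure_random_bytes(unsigned char *buf, size_t n)
{
    size_t  got = 0;
    int     fd;

#ifdef __linux__
    while (got < n) {
        ssize_t r = getrandom(buf + got, n - got, 0);
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) break;                /* e.g. ENOSYS: fall back to /dev/urandom */
        got += (size_t) r;
    }
    if (got == n) return 0;
#endif
    fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd == -1) return -1;
    while (got < n) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r < 0 && errno == EINTR) continue;
        if (r <= 0) { close(fd); return -1; }
        got += (size_t) r;
    }
    close(fd);
    return 0;
}

/* Demo with constructed pid and start time: two leaked outputs plus a
 * one-minute window around the start time are enough to recover the seed. */
int demo_seed_recovery(void)
{
    unsigned  pid = 4242, sec = 1700000000u, msec = 123;   /* constructed */
    unsigned  seed = nginx_style_seed(pid, sec, msec), found = 0;
    long      observed[2];

    seeded_sequence(seed, observed, 2);
    return recover_seed(observed, pid, sec - 30, sec + 30, &found) && found == seed;
}

/* Demo: two 16-byte CSPRNG draws succeed and differ. */
int demo_secure_random(void)
{
    unsigned char  a[16], b[16];

    if (secure_random_bytes(a, sizeof a) != 0 || secure_random_bytes(b, sizeof b) != 0) {
        return 0;
    }
    return memcmp(a, b, sizeof a) != 0;
}
```

random() is deterministic for a given seed on every libc nginx targets, which is what makes the recovery work; a wider window only multiplies the candidate count. secure_random_bytes() reports failure instead of returning a partial buffer, since a short read silently weakens whatever is built from it.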
src/os/unix/ngx_process.h
1 issue
usleep - This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified
Security

Line: 74 Column: 28 CWE codes: 676
Suggestion: Use nanosleep(2) or setitimer(2) instead

#if (NGX_HAVE_SCHED_YIELD)
#define ngx_sched_yield()  sched_yield()
#else
#define ngx_sched_yield()  usleep(1)
#endif


extern int            ngx_argc;
extern char         **ngx_argv;

Reported by FlawFinder.

Triage: usleep(1) is only the fallback for platforms without sched_yield(); on the #if branch usleep is never compiled in. CWE-676 here is an obsolescence and portability note, not a memory-safety finding: usleep is obsolescent in POSIX and its interaction with SIGALRM-based timers is unspecified. A nanosleep()-based yield with an EINTR remainder loop removes the concern at no cost.

src/stream/ngx_stream_geo_module.c
1 issue
Dangerous assignment - the function parameter is assigned the address of a local auto-variable. Local auto-variables are reserved from the stack which is freed when the function ends. So the pointer to a local variable is invalid after the function ends.
Error

Line: 439 CWE codes: 562

    save = *cf;
    cf->pool = pool;
    cf->ctx = &ctx;
    cf->handler = ngx_stream_geo;
    cf->handler_conf = conf;

    rv = ngx_conf_parse(cf, NULL);

Reported by Cppcheck.

Triage: the flagged line is cf->ctx = &ctx, which makes the caller's ngx_conf_t point at a stack variable. That is only a defect if the pointer is still live when this function returns. The preceding save = *cf; is the first half of nginx's save/restore idiom for nested configuration blocks; confirm that every exit path after ngx_conf_parse(), including the error path, restores *cf = save; before returning. If it does, ctx never outlives the call and this is a false positive; if any path skips the restore, the next directive handler parses with a dangling ctx.

src/os/unix/ngx_readv_chain.c
1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 23 Column: 14 CWE codes: 120 20

    ngx_event_t   *rev;
    struct iovec  *iov, iovs[NGX_IOVS_PREALLOCATE];

    rev = c->read;

#if (NGX_HAVE_KQUEUE)

    if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
        ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,

Reported by FlawFinder.

Triage: column 14 of the flagged line is the struct member in rev = c->read;, not a call to read(2). FlawFinder matches on the token name and cannot tell a field access from a function call, so no data is read on this line. False positive; the readv() call this file wraps, further down, is where buffer bounds belong in an audit of this file.

src/os/unix/ngx_recv.c
1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 20 Column: 14 CWE codes: 120 20

    ngx_err_t     err;
    ngx_event_t  *rev;

    rev = c->read;

#if (NGX_HAVE_KQUEUE)

    if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
        ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,

Reported by FlawFinder.

Triage: same pattern as ngx_readv_chain.c. Column 14 is the field access in rev = c->read;, not read(2); the receive in this function is a recv() call later on, bounded by the size its caller passes alongside the buffer. False positive on the flagged line.

src/os/unix/ngx_shmem.c
1 issue
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 47 Column: 10 CWE codes: 362

{
    ngx_fd_t  fd;

    fd = open("/dev/zero", O_RDWR);

    if (fd == -1) {
        ngx_log_error(NGX_LOG_ALERT, shm->log, ngx_errno,
                      "open(\"/dev/zero\") failed");
        return NGX_ERROR;

Reported by FlawFinder.

Triage: the path is the fixed device node /dev/zero, not attacker-supplied input, and /dev is not writable by unprivileged users, so the symlink and race conditions CWE-362 describes do not apply as written. This is also nginx's fallback shared-memory allocator, compiled only where an anonymous mmap is unavailable. If the fallback is ever hardened or the path made configurable, the cheap check is fstat() after open() confirming S_ISCHR before mmap(), so that a regular file or FIFO planted at the path is rejected.

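Added example, not nginx's ngx_shmem.c: an allocator that takes the anonymous mmap path first and, on the /dev/zero fallback, verifies with fstat() that the opened node is a character device before mapping it. The second demo plants a regular temp file (constructed path under /tmp) to show the check rejecting it. The function names, the use_anon switch and the 4096-byte size are assumptions of this example.

```c
/* Added example (not nginx code): shared memory without opening /dev/zero,
 * plus the device-node check a reviewer would want on the /dev/zero fallback. */
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path read-write and accept it only if it really is a character device;
 * a regular file, FIFO, or symlink to anything else is rejected with ENODEV. */
int open_char_device(const char *path)
{
    struct stat  st;
    int          fd;

    fd = open(path, O_RDWR | O_CLOEXEC);
    if (fd == -1) {
        return -1;
    }
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode)) {
        close(fd);
        errno = ENODEV;
        return -1;
    }
    return fd;
}

/* Preferred: anonymous shared mapping, no file opened at all.
 * Fallback (or use_anon == 0): mmap of /dev/zero through the checked open.
 * Returns MAP_FAILED on error. */
void *shared_alloc(size_t size, int use_anon)
{
    void  *p;
    int    fd;

#ifdef MAP_ANONYMOUS
    if (use_anon) {
        p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
        if (p != MAP_FAILED) {
            return p;
        }
    }
#else
    (void) use_anon;
#endif
    fd = open_char_device("/dev/zero");
    if (fd == -1) {
        return MAP_FAILED;
    }
    p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    close(fd);                      /* the mapping holds its own reference */
    return p;
}

/* A mapped page must come back zero-filled, be writable, and unmap cleanly. */
static int check_page(unsigned char *p, size_t size)
{
    int  ok;

    if (p == MAP_FAILED) {
        return 0;
    }
    ok = (p[0] == 0 && p[size - 1] == 0);
    memset(p, 0xA5, size);
    ok = ok && p[0] == 0xA5 && p[size - 1] == 0xA5;
    return munmap(p, size) == 0 && ok;
}

/* Demo: both the anonymous path and the checked /dev/zero fallback work. */
int demo_shared_alloc(void)
{
    size_t  size = 4096;

    return check_page(shared_alloc(size, 1), size)
           && check_page(shared_alloc(size, 0), size);
}

/* Demo: a regular file planted where a device is expected fails the S_ISCHR check. */
int demo_rejects_regular_file(void)
{
    char  tmpl[] = "/tmp/devzero-XXXXXX";   /* constructed stand-in for a planted path */
    int   tfd, fd, err;

    tfd = mkstemp(tmpl);
    if (tfd == -1) {
        return 0;
    }
    close(tfd);
    fd = open_char_device(tmpl);
    err = errno;
    unlink(tmpl);
    if (fd != -1) {
        close(fd);
        return 0;
    }
    return err == ENODEV;
}
```

The anonymous mapping is the path to prefer because it involves no pathname at all, which is the only complete answer to a symlink or race finding; the fstat() check is what remains for a fallback that must open a path.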
src/http/modules/ngx_http_fastcgi_module.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1755 Column: 47 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                    pattern = flcf->catch_stderr->elts;

                    for (i = 0; i < flcf->catch_stderr->nelts; i++) {
                        if (ngx_strnstr(msg, (char *) pattern[i].data,
                                        p - msg)
                            != NULL)
                        {
                            return NGX_HTTP_UPSTREAM_INVALID_HEADER;
                        }

Reported by FlawFinder.

Triage: column 47 is the (char *) cast in ngx_strnstr(msg, (char *) pattern[i].data, p - msg). FlawFinder triggers on the keyword char and reports it as a statically sized array, but no array is declared here. The search length is bounded explicitly by p - msg, the span of the stderr message the caller has already delimited, and the patterns come from the fastcgi_catch_stderr configuration. False positive.

src/core/ngx_string.c
1 issue
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 2096 Column: 12 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

        ngx_debug_point();
    }

    return memcpy(dst, src, n);
}

#endif

Reported by FlawFinder.

Triage: this is the body of nginx's ngx_memcpy() debug wrapper, compiled only under NGX_MEMCPY_LIMIT (the #endif closes that block); the if-block above the return calls ngx_debug_point() when n exceeds the limit, then forwards to memcpy(). The wrapper knows nothing about the destination's size, so the bounds guarantee cannot live here; it belongs at each call site. Accept for this line, and treat call sites where n is attacker-influenced as the places to review.

src/os/unix/ngx_time.h
1 issue
usleep - This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified
Security

Line: 62 Column: 38 CWE codes: 676
Suggestion: Use nanosleep(2) or setitimer(2) instead

void ngx_libc_gmtime(time_t s, struct tm *tm);

#define ngx_gettimeofday(tp)  (void) gettimeofday(tp, NULL);
#define ngx_msleep(ms)        (void) usleep(ms * 1000)
#define ngx_sleep(s)          (void) sleep(s)


#endif /* _NGX_TIME_H_INCLUDED_ */

Reported by FlawFinder.

Triage: ngx_msleep(ms) expands to usleep(ms * 1000), so any ms >= 1000 asks usleep for a million microseconds or more, which POSIX leaves implementation-defined (EINVAL on some systems) and the (void) cast hides. usleep is also obsolescent and its interaction with SIGALRM-based timers is unspecified, which is what CWE-676 flags. nanosleep() has no such limit and returns the remaining time on EINTR, so a loop around it is a drop-in replacement. Not a memory-safety issue.

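Added example, not nginx code, serving both usleep findings (ngx_sched_yield() in ngx_process.h and ngx_msleep() in ngx_time.h): a millisecond sleep built on nanosleep(2) as the report suggests. It handles the SIGALRM interaction the finding describes by resuming with the remaining time on EINTR, and the demo fires a real setitimer() alarm into the sleep to exercise that path. Function names, the 30 ms sleep and the 5 ms alarm are this example's own choices.

```c
/* Added example (not nginx code): a millisecond sleep on nanosleep(2) that
 * resumes after a signal and has no usleep-style one-second ceiling. */
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <sys/time.h>
#include <time.h>

/* Sleep for ms milliseconds. On EINTR continue with the time nanosleep()
 * reports as remaining. Returns 0, or -1 with errno set on any other error. */
int msleep(unsigned long ms)
{
    struct timespec  req, rem;

    req.tv_sec  = (time_t) (ms / 1000);
    req.tv_nsec = (long) (ms % 1000) * 1000000L;

    while (nanosleep(&req, &rem) == -1) {
        if (errno != EINTR) {
            return -1;
        }
        req = rem;                     /* pick up where the signal interrupted */
    }
    return 0;
}

/* Whole milliseconds between two CLOCK_MONOTONIC readings. */
long elapsed_ms(const struct timespec *a, const struct timespec *b)
{
    return (long) (b->tv_sec - a->tv_sec) * 1000L
           + (b->tv_nsec - a->tv_nsec) / 1000000L;
}

static volatile sig_atomic_t  alarm_fired;

static void on_alarm(int sig)
{
    (void) sig;
    alarm_fired = 1;
}

/* Demo: a SIGALRM from setitimer() lands 5 ms into a 30 ms sleep. Without
 * SA_RESTART nanosleep() returns EINTR; msleep() resumes and the monotonic
 * clock still shows at least 30 ms. Returns 1 when both held. */
int demo_msleep_survives_signal(void)
{
    struct sigaction  sa;
    struct itimerval  it;
    struct timespec   t0, t1;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;          /* sa_flags deliberately without SA_RESTART */
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGALRM, &sa, NULL) != 0) {
        return 0;
    }

    memset(&it, 0, sizeof it);
    it.it_value.tv_usec = 5000;        /* one shot, 5 ms; it_interval stays zero */
    alarm_fired = 0;

    if (clock_gettime(CLOCK_MONOTONIC, &t0) != 0
        || setitimer(ITIMER_REAL, &it, NULL) != 0
        || msleep(30) != 0
        || clock_gettime(CLOCK_MONOTONIC, &t1) != 0)
    {
        return 0;
    }
    return alarm_fired == 1 && elapsed_ms(&t0, &t1) >= 30;
}

/* Demo: a plain uninterrupted sleep also covers the requested time. */
int demo_msleep(void)
{
    struct timespec  t0, t1;

    if (clock_gettime(CLOCK_MONOTONIC, &t0) != 0 || msleep(20) != 0
        || clock_gettime(CLOCK_MONOTONIC, &t1) != 0)
    {
        return 0;
    }
    return elapsed_ms(&t0, &t1) >= 20;
}
```

ngx_msleep(ms) could forward to msleep(ms) unchanged; the same loop with a sub-millisecond timespec covers the ngx_sched_yield() fallback. The remainder handling is the part usleep cannot offer: a usleep interrupted by SIGALRM returns early with no record of how much time was left.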
src/os/unix/ngx_udp_recv.c
1 issue
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 20 Column: 14 CWE codes: 120 20

    ngx_err_t     err;
    ngx_event_t  *rev;

    rev = c->read;

    do {
        n = recv(c->fd, buf, size, 0);

        ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,

Reported by FlawFinder.

Triage: as in ngx_recv.c, column 14 is the field access in rev = c->read;, not read(2). The receive in this function is the recv(c->fd, buf, size, 0) shown, which is bounded by the size the caller passes with buf; that the caller's size matches its buffer is a call-site check, not one for this line. False positive on the flagged line.