Housekeeping #15
h0tw1r3Annotations
10 warnings and 2 notices
|
pam_shield.c:107:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield.c#L107
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
|
|
pam_shield.c:126:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield.c#L126
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
|
|
pam_shield.c:173:8 [clang-analyzer-deadcode.DeadStores]:
pam_shield.c#L173
Although the value stored to 'pwd' is used in the enclosing expression, the value is never actually read from 'pwd'
|
|
pam_shield.c:313:7 [clang-analyzer-deadcode.DeadStores]:
pam_shield.c#L313
Value stored to 'whitelisted' is never read
|
|
pam_shield.c:349:11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield.c#L349
Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11
|
|
pam_shield.c:369:11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield.c#L369
Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
|
|
pam_shield_lib.c:72:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield_lib.c#L72
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
|
|
pam_shield_lib.c:183:3 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield_lib.c#L183
Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
|
|
pam_shield_lib.c:184:3 [clang-analyzer-security.insecureAPI.strcpy]:
pam_shield_lib.c#L184
Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
|
|
pam_shield_lib.c:300:5 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]:
pam_shield_lib.c#L300
Call to function 'memmove' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memmove_s' in case of C11
|
|
Run clang-format on pam_shield.h:
pam_shield.h#L1
File pam_shield.h does not conform to Custom style guidelines. (lines 1, 25, 29, 30, 32, 33, 34, 35, 36, 37, 38, 40, 41, 42, 43, 44, 47, 48, 53, 54, 55, 56, 57, 58, 60, 61, 62, 63, 64, 72, 73, 78)
|
|
Run clang-format on pam_shield_lib.h:
pam_shield_lib.h#L1
File pam_shield_lib.h does not conform to Custom style guidelines. (lines 1, 24, 48, 49, 50, 52, 54, 55, 56, 57, 58, 59, 60, 61, 62, 91, 92, 99, 108, 109, 112, 115, 122, 127, 128, 129, 130, 131, 132, 133, 134, 136, 137, 142, 144, 145, 150, 151, 156, 161, 162, 167, 174)
|