merge before rewrite #29
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| serializeJson(doc, buf); | ||
| strncat(fullCmd, command, sizeof(fullCmd) - 1); | ||
| strncat(fullCmd, ":::", sizeof(fullCmd) - strlen(fullCmd) - 1); | ||
| strncat(fullCmd, buf, sizeof(fullCmd) - strlen(fullCmd) - 1); |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| // target is an SSID, which should only be 32 characters at most | ||
| // Unlikely scenario but will truncate to 29 characters + "..." in case | ||
| // that gets disrespected by someone | ||
| if (strlen(target) > 32) { |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| if (Config::screen == "IDEASPARK_SSD1306") { | ||
| int numCharPerLine = ssd1306_ideaspark_display->getWidth() / | ||
| ssd1306_ideaspark_display->getMaxCharWidth(); | ||
| if (strlen(data) <= numCharPerLine && |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| Frame::essidLength = measureJson(doc); | ||
| Frame::headerLength = 2 + ((uint8_t)(essidLength / 255) * 2); | ||
| Frame::beaconFrame = new uint8_t[Frame::pwngridHeaderLength + Frame::essidLength + Frame::headerLength]; | ||
| memcpy(Frame::beaconFrame, Frame::header, Frame::essidLength); |
Check notice
Code scanning / devskim
There are a number of conditions in which memcpy can introduce a vulnerability (mismatched buffer sizes, null pointers, etc.). More secure alternitives perform additional validation of the source and destination buffer Note
| void Parasite::sendPwnagotchiStatus(parasite_pwnagotchi_scan_type_t status, | ||
| const char *frd) { | ||
| if (Config::parasite) { | ||
| if (frd != nullptr && strlen(frd) > 25) { |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
| while (Serial.available() > 0) { | ||
| String line = Serial.readStringUntil('\n'); | ||
| if (line.startsWith("chn:::")) { | ||
| int chn = atoi(line.substring(6).c_str()); |
Check warning
Code scanning / devskim
These functions are historically error-prone and have been associated with a significant number of vulnerabilities. Most of these functions have safer alternatives, such as replacing 'strcpy' with 'strlcpy' or 'strcpy_s'. Warning
Restyle merge before rewrite
| void Parasite::formatData(char *buf, const char *data, size_t bufSize) { | ||
| buf[0] = '\0'; | ||
| strncat(buf, data, bufSize - 4); | ||
| strncat(buf, "...", bufSize - strlen(buf) - 1); |
Check notice
Code scanning / devskim
If a string is missing a null terminator, strlen will read past the end of the buffer Note
No description provided.