Add "Income Tax Form" to "Source Codes" #27

Open
wants to merge 15 commits into
base: master

Conversation

trevtemba
Contributor

Fixes #

Proposed Changes

@guardrails

guardrails bot commented Nov 25, 2021

⚠️ We detected 38 security issues in this pull request:

Insecure Use of Dangerous Function (37)
💡 Title: Potential OS command execution, Severity: High
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/OS/execlp.c#L43
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/pf and sf.c#L3
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Count of different characters in a String.c#L5
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Counting specific characters in a string.c#L7
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Employee salary (Structures).c#L16
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Palindrome without strrev.c#L6
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Palindrome without strrev.c#L10
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Pointer to a structure.c#L6
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Pointer to a structure.c#L7
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Search for char in string, find freq and pos.c#L5
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Shopping bill.c#L5
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/String formatting.c#L7
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/String to ASCII.c#L9
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Student structure.c#L12
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Count of different characters in a String.c#L8
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Counting specific characters in a string.c#L11
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Employee salary (Structures).c#L33
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Palindrome without strrev.c#L8
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Palindrome without strrev.c#L9
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Pointer to a structure.c#L16
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Pointer to a structure.c#L18
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Pointer to a structure.c#L20
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Search for char in string, find freq and pos.c#L8
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Shopping bill.c#L7
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Shopping bill.c#L9
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Shopping bill.c#L14
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/String formatting.c#L10
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/String to ASCII.c#L16
💡 Title: Buffer overflow, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Student structure.c#L27
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/palindrome_pyramid_pattern.c#L10
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/pascal triangle.c#L6
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Income Tax Form.c#L32
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Income Tax Form.c#L33
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Income Tax Form.c#L34
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Income Tax Form.c#L37
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Income Tax Form.c#L47
💡 Title: Use of scanf, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/Multiple_Files_Example/mainMFWC.c#L15

More info on how to fix Insecure Use of Dangerous Function in C/C++.


Insecure Processing of Data (1)
💡 Title: Insecure use of format strings, Severity: Critical
https://github.com/aravindvnair99/C/blob/5c24cfeaa8e95948cc5df79ea4c4003f54a9c329/Source Codes/pf and sf.c#L2

More info on how to fix Insecure Processing of Data in C/C++.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Owner

@aravindvnair99 aravindvnair99 left a comment

@tkatemb Take a look at the status checks. There are a few things that need to be fixed in the code.

@trevtemba
Contributor Author

Updated, no warnings and I added a limit to the amount of characters read by "scanf" to reduce buffer overflow.

Owner

@aravindvnair99 aravindvnair99 left a comment

@tkatemb One is pending

@aravindvnair99
Owner

I've reviewed this code and the error seems to be incorrect? As seen below, the variable has been initialized:

@tkatemb Declaration isn't the same as initialization.

Read more here: https://stackoverflow.com/questions/23345554/the-differences-between-initialize-define-declare-a-variable

@trevtemba
Contributor Author

Should be fixed!

2 participants