Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/timer-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-io.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-dpd-timer.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-disconnect-reason.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-exec-result.h
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-str.c
Examining data/corosync-qdevice-3.0.1/qdevices/nss-sock.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-msg-received.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-ipc-cmd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-cluster.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-log.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-log.h
Examining data/corosync-qdevice-3.0.1/qdevices/send-buffer-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-socket.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-send.h
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-str.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-utils.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-cluster-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/utils.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-advanced-settings.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-cmd-str.h
Examining data/corosync-qdevice-3.0.1/qdevices/tlv.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-votequorum.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-ffsplit.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-test.c
Examining data/corosync-qdevice-3.0.1/qdevices/pr-poll-loop.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-instance.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-net.h
Examining data/corosync-qdevice-3.0.1/qdevices/test-utils.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-ipc-cmd.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-net.c
Examining data/corosync-qdevice-3.0.1/qdevices/log-common.h
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-2nodelms.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algorithm.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-ffsplit.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-lms.c
Examining data/corosync-qdevice-3.0.1/qdevices/nss-sock.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-2nodelms.c
Examining data/corosync-qdevice-3.0.1/qdevices/tlv.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-cast-vote-timer.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-lms.c
Examining data/corosync-qdevice-3.0.1/qdevices/process-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-advanced-settings.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-pr-poll-loop-cb.c
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-client.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-msg-received.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-2nodelms.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-test.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-cluster-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/msg.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-advanced-settings.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-cmd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-model-net.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-instance.h
Examining data/corosync-qdevice-3.0.1/qdevices/dynar.c
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-simple-lex.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-log.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-heuristics.h
Examining data/corosync-qdevice-3.0.1/qdevices/msgio.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-advanced-settings.c
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-simple-lex.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-test.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-test.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-votequorum.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnet-config.h
Examining data/corosync-qdevice-3.0.1/qdevices/pr-poll-array.c
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-ipc.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-ffsplit.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-exec-result.c
Examining data/corosync-qdevice-3.0.1/qdevices/test-log.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-cmd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-ipc.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-ipc-cmd.h
Examining data/corosync-qdevice-3.0.1/qdevices/test-process-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-instance.c
Examining data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/node-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-client.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-socket.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-instance.h
Examining data/corosync-qdevice-3.0.1/qdevices/utils.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-result-notifier.c
Examining data/corosync-qdevice-3.0.1/qdevices/pr-poll-loop.c
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/pr-poll-array.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-log-debug.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-exec-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-cluster.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-ffsplit.h
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-ipc.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-cmd.h
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-getopt-lex.h
Examining data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd-tool.c
Examining data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c
Examining data/corosync-qdevice-3.0.1/qdevices/msg.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-ipc.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-log-debug.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algorithm.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-algo-timer.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-heuristics.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-send.c
Examining data/corosync-qdevice-3.0.1/qdevices/log.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-pr-poll-loop.h
Examining data/corosync-qdevice-3.0.1/qdevices/test-dynar.c
Examining data/corosync-qdevice-3.0.1/qdevices/msgio.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algorithm.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-ipc.h
Examining data/corosync-qdevice-3.0.1/qdevices/log.h
Examining data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-mode.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-send.h
Examining data/corosync-qdevice-3.0.1/qdevices/dynar.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-model-net.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-instance.h
Examining data/corosync-qdevice-3.0.1/qdevices/send-buffer-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-result-notifier.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-ipc.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-pr-poll-loop.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-algo-timer.c
Examining data/corosync-qdevice-3.0.1/qdevices/test-dynar-getopt-lex.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-model.h
Examining data/corosync-qdevice-3.0.1/qdevices/process-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-ipc-cmd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-model-type.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-nss.h
Examining data/corosync-qdevice-3.0.1/qdevices/test-dynar-simple-lex.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-ipc-cmd.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-mode.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-instance.c
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-client-list.h
Examining data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algorithm.c
Examining data/corosync-qdevice-3.0.1/qdevices/test-timer-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-cmd.h
Examining data/corosync-qdevice-3.0.1/qdevices/log-common.c
Examining data/corosync-qdevice-3.0.1/qdevices/timer-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-lms.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.c
Examining data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice-tool.c
Examining data/corosync-qdevice-3.0.1/qdevices/dynar-getopt-lex.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-instance.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-model.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-exec-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-io.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-config.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-cast-vote-timer.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-pr-poll-loop-cb.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-log.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-lms.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-algo-2nodelms.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-echo-request-timer.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-dpd-timer.h
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-utils.c
Examining data/corosync-qdevice-3.0.1/qdevices/unix-socket-client-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-nss.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-echo-request-timer.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-net-send.c
Examining data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-ipc-cmd.h
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-log.c
Examining data/corosync-qdevice-3.0.1/qdevices/node-list.c
Examining data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-log.c
FINAL RESULTS:
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:82:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
to_write = vsnprintf(&buf, sizeof(buf), format, ap_copy);
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:105:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
written = vsnprintf(p, allocated, format, ap_copy);
data/corosync-qdevice-3.0.1/qdevices/log.c:117:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap_copy);
data/corosync-qdevice-3.0.1/qdevices/process-list.c:290:4: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(entry->exec_argv[0], entry->exec_argv);
data/corosync-qdevice-3.0.1/qdevices/process-list.c:292:4: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(entry->exec_argv[0], entry->exec_argv);
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:133:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
res = sscanf(key_name, "nodelist.node.%u.%s", &node_pos, tmp_key);
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-cmd.c:57:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(str, QDEVICE_HEURISTICS_CMD_STR_EXEC_RESULT_ADD_SPACE "%"PRIu32" %u", &seq_number,
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-cmd.c:143:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(str, QDEVICE_HEURISTICS_CMD_STR_EXEC_ADD_SPACE "%"PRIu32" %"PRIu32, &timeout,
data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.c:198:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
res = sscanf(key_name, "quorum.device.heuristics.exec_%[^.]%s", exec_name, tmp_key);
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-net.c:299:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (snprintf(client_addr_str + strlen(client_addr_str),
data/corosync-qdevice-3.0.1/qdevices/test-log.c:72:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
res = vsnprintf(vsyslog_buf, MAX_LINE_LEN, format, ap_copy);
data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice-tool.c:88:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "Hhsvp:")) != -1) {
data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice.c:205:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "dfhS:")) != -1) {
data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd-tool.c:90:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "Hhlsvc:p:")) != -1) {
data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd.c:269:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "46dfhvc:l:m:p:S:s:")) != -1) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-model-net.c:370:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
delay_before_reconnect = random() %
data/corosync-qdevice-3.0.1/qdevices/msg.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dynar_data(msg) + MSG_TYPE_LENGTH, &nlen, sizeof(nlen));
data/corosync-qdevice-3.0.1/qdevices/msg.c:134:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dynar_data(msg), &ntype, sizeof(ntype));
data/corosync-qdevice-3.0.1/qdevices/msg.c:1009:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&decoded_msg->ring_id, &ring_id, sizeof(ring_id));
data/corosync-qdevice-3.0.1/qdevices/msg.c:1070:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&decoded_msg->tie_breaker, &tie_breaker, sizeof(tie_breaker));
data/corosync-qdevice-3.0.1/qdevices/msgio.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_read_buffer[MSGIO_LOCAL_BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/process-list.c:261:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devnull = open("/dev/null", O_RDWR);
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&i, &(((struct sockaddr_in *)((void *)ainfo->ai_addr))->sin_addr), sizeof(struct in_addr));
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_name[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ring0_addr_key[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_key[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-io.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[QDEVICE_HEURISTICS_IO_BUFFER_SIZE];
data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_name[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exec_name[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-instance.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_key[CMAP_KEYNAME_MAXLEN + 1];
data/corosync-qdevice-3.0.1/qdevices/qdevice-net-instance.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&instance->tie_breaker, tie_breaker, sizeof(*tie_breaker));
data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.c:82:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->vq_quorum_node_list, node_list, sizeof(*node_list) * node_list_entries);
data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.c:129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&instance->vq_poll_ring_id, &votequorum_ring_id, sizeof(votequorum_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.c:160:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&instance->vq_node_list_ring_id, &votequorum_ring_id, sizeof(votequorum_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qdevice-votequorum.c:168:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->vq_node_list, node_list, sizeof(*node_list) * node_list_entries);
data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-lms.c:234:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tb_node_ring_id, &other_client->last_ring_id, sizeof(struct tlv_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-lms.c:243:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tb_node_ring_id, &other_client->last_ring_id, sizeof(struct tlv_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-lms.c:250:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tb_node_ring_id, &other_client->last_ring_id, sizeof(struct tlv_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-algo-utils.c:129:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&partition->ring_id, &other_client->last_ring_id, sizeof(*ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.c:171:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(client->cluster_name, msg->cluster_name, msg->cluster_name_len);
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.c:355:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&client->last_ring_id, &msg->ring_id, sizeof(struct tlv_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.c:385:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&client->tie_breaker, &msg->tie_breaker, sizeof(msg->tie_breaker));
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-msg-received.c:832:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&client->last_ring_id, &msg->ring_id, sizeof(struct tlv_ring_id));
data/corosync-qdevice-3.0.1/qdevices/qnetd-client.c:52:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&client->addr, addr, sizeof(*addr));
data/corosync-qdevice-3.0.1/qdevices/qnetd-cluster.c:52:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cluster->cluster_name, cluster_name, cluster_name_len);
data/corosync-qdevice-3.0.1/qdevices/test-log.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vsyslog_buf[MAX_LINE_LEN];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/corosync-qdevice-3.0.1/qdevices/test-process-list.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignore_sigint_cmd[PATH_MAX];
data/corosync-qdevice-3.0.1/qdevices/test-process-list.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignore_sigintterm_cmd[PATH_MAX];
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:64:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_client->cluster_name, cluster_name, cluster_name_len);
data/corosync-qdevice-3.0.1/qdevices/test-utils.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/corosync-qdevice-3.0.1/qdevices/tlv.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[12];
data/corosync-qdevice-3.0.1/qdevices/tlv.c:316:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf, &nu32, sizeof(nu32));
data/corosync-qdevice-3.0.1/qdevices/tlv.c:317:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf + sizeof(nu32), &nu64, sizeof(nu64));
data/corosync-qdevice-3.0.1/qdevices/tlv.c:327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[5];
data/corosync-qdevice-3.0.1/qdevices/tlv.c:333:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf, &u8, sizeof(u8));
data/corosync-qdevice-3.0.1/qdevices/tlv.c:334:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_buf + sizeof(u8), &nu32, sizeof(nu32));
data/corosync-qdevice-3.0.1/qdevices/tlv.c:556:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, opt_data, sizeof(*res));
data/corosync-qdevice-3.0.1/qdevices/tlv.c:583:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_str, opt_data, opt_len);
data/corosync-qdevice-3.0.1/qdevices/tlv.c:612:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u16a_res, tlv_iter_get_data(tlv_iter), opt_len);
data/corosync-qdevice-3.0.1/qdevices/tlv.c:781:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[12];
data/corosync-qdevice-3.0.1/qdevices/tlv.c:807:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buf[5];
data/corosync-qdevice-3.0.1/qdevices/tlv.c:909:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node_info, &tmp_node_info, sizeof(tmp_node_info));
data/corosync-qdevice-3.0.1/qdevices/unix-socket-client.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[UNIX_SOCKET_CLIENT_BUFFER];
data/corosync-qdevice-3.0.1/qdevices/utils.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_s[17];
data/corosync-qdevice-3.0.1/qdevices/utils.c:97:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lf = open(lockfile, O_WRONLY | O_CREAT, 0640);
data/corosync-qdevice-3.0.1/qdevices/utils.c:179:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devnull = open("/dev/null", O_RDWR);
data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice-tool.c:180:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = fgetc(f)) != EOF) {
data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice-tool.c:253:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (res < 0 || (size_t)res != strlen(dynar_data(&send_str)) ||
data/corosync-qdevice-3.0.1/qdevices/corosync-qdevice.c:169:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dynar_init(&dynar_long_opt, strlen(long_opt) + 1);
data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd-tool.c:207:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = fgetc(f)) != EOF) {
data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd-tool.c:281:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (res < 0 || (size_t)res != strlen(dynar_data(&send_str)) ||
data/corosync-qdevice-3.0.1/qdevices/corosync-qnetd.c:221:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dynar_init(&dynar_long_opt, strlen(long_opt) + 1);
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:45:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > dynar_max_size(dest)) {
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:58:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (dynar_cat(dest, str, strlen(str)));
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:65:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (dynar_prepend(dest, str, strlen(str)));
data/corosync-qdevice-3.0.1/qdevices/dynar-str.c:143:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (zi = 0; zi < strlen(str); zi++) {
data/corosync-qdevice-3.0.1/qdevices/process-list.c:111:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dynar_init(&command_dstr, strlen(command) + 1);
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:403:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(key_name, node_list_prefix_str, strlen(node_list_prefix_str)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:407:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(key_name, logging_prefix_str, strlen(logging_prefix_str)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-cmap.c:411:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(key_name, heuristics_prefix_str, strlen(heuristics_prefix_str)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-cmd.c:127:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(QDEVICE_HEURISTICS_CMD_STR_EXEC_RESULT_ADD_SPACE)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-io.c:85:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
readed = read(fd, buf, sizeof(buf));
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-cmd.c:273:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(QDEVICE_HEURISTICS_CMD_STR_EXEC_LIST_ADD)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qdevice-heuristics-worker-cmd.c:278:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(QDEVICE_HEURISTICS_CMD_STR_EXEC_ADD_SPACE)) == 0) {
data/corosync-qdevice-3.0.1/qdevices/qnetd-client-net.c:299:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (snprintf(client_addr_str + strlen(client_addr_str),
data/corosync-qdevice-3.0.1/qdevices/test-dynar-simple-lex.c:280:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(cstr) == dynar_size(output_str_ptr) - 1);
data/corosync-qdevice-3.0.1/qdevices/test-dynar-simple-lex.c:281:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(cstr, dynar_data(output_str_ptr), strlen(cstr)) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:130:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:130:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:131:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:146:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:146:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:147:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:210:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Read(prfd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:211:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:226:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Read(prfd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:227:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:286:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read(test_complex_read_pipe1_fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:286:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(read(test_complex_read_pipe1_fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:287:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:361:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:361:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(read(fd, buf, BUF_SIZE) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:362:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(memcmp(buf, READ_STR, strlen(READ_STR) + 1) == 0);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:580:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:580:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:616:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:616:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:767:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Write(write_pipe, READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:767:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Write(write_pipe, READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:803:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Write(write_pipe, READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:803:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(PR_Write(write_pipe, READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:1008:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:1008:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd1[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:1091:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd2[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-pr-poll-loop.c:1091:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(write(pipe_fd2[1], READ_STR, strlen(READ_STR) + 1) == strlen(READ_STR) + 1);
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:140:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_client(cl_name, strlen(cl_name), &client[0], &cluster[0]);
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:142:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_client(cl_name, strlen(cl_name), &client[1], &cluster[1]);
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:146:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_client(cl_name, strlen(cl_name), &client[2], &cluster[2]);
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:148:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_client(cl_name, strlen(cl_name), &client[3], &cluster[3]);
data/corosync-qdevice-3.0.1/qdevices/test-qnetd-cluster-list.c:180:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
add_client(cl_name, strlen(cl_name), &client[0], &cluster[0]);
data/corosync-qdevice-3.0.1/qdevices/tlv.c:157:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (tlv_add(msg, opt_type, strlen(str), str));
data/corosync-qdevice-3.0.1/qdevices/unix-socket.c:51:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(sun.sun_path)) {
data/corosync-qdevice-3.0.1/qdevices/unix-socket.c:63:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sun.sun_path, path, sizeof(sun.sun_path) - 1);
data/corosync-qdevice-3.0.1/qdevices/unix-socket.c:94:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= sizeof(sun.sun_path)) {
data/corosync-qdevice-3.0.1/qdevices/unix-socket.c:106:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sun.sun_path, path, sizeof(sun.sun_path) - 1);
data/corosync-qdevice-3.0.1/qdevices/utils.c:131:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(lf, pid_s, strlen(pid_s)) != (ssize_t)strlen(pid_s)) {
data/corosync-qdevice-3.0.1/qdevices/utils.c:131:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(lf, pid_s, strlen(pid_s)) != (ssize_t)strlen(pid_s)) {
ANALYSIS SUMMARY:
Hits = 133
Lines analyzed = 36642 in approximately 0.98 seconds (37458 lines/second)
Physical Source Lines of Code (SLOC) = 22218
Hits@level = [0] 33 [1] 61 [2] 56 [3] 5 [4] 11 [5] 0
Hits@level+ = [0+] 166 [1+] 133 [2+] 72 [3+] 16 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 7.47142 [1+] 5.98614 [2+] 3.24062 [3+] 0.720137 [4+] 0.495094 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.