Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/crash-7.2.8/arm.c
Examining data/crash-7.2.8/vmcore.h
Examining data/crash-7.2.8/configure.c
Examining data/crash-7.2.8/xen_hyper_global_data.c
Examining data/crash-7.2.8/ia64.c
Examining data/crash-7.2.8/va_server.c
Examining data/crash-7.2.8/lkcd_v1.c
Examining data/crash-7.2.8/xendump.c
Examining data/crash-7.2.8/lkcd_vmdump_v1.h
Examining data/crash-7.2.8/lkcd_dump_v7.h
Examining data/crash-7.2.8/unwind_x86_32_64.c
Examining data/crash-7.2.8/unwind_x86_64.h
Examining data/crash-7.2.8/netdump.c
Examining data/crash-7.2.8/xen_hyper_dump_tables.c
Examining data/crash-7.2.8/rse.h
Examining data/crash-7.2.8/memory.c
Examining data/crash-7.2.8/sparc64.c
Examining data/crash-7.2.8/defs.h
Examining data/crash-7.2.8/unwind.h
Examining data/crash-7.2.8/test.c
Examining data/crash-7.2.8/kaslr_helper.c
Examining data/crash-7.2.8/tools.c
Examining data/crash-7.2.8/lkcd_fix_mem.h
Examining data/crash-7.2.8/alpha.c
Examining data/crash-7.2.8/ramdump.c
Examining data/crash-7.2.8/help.c
Examining data/crash-7.2.8/memory_driver/crash.c
Examining data/crash-7.2.8/kvmdump.c
Examining data/crash-7.2.8/symbols.c
Examining data/crash-7.2.8/s390dbf.c
Examining data/crash-7.2.8/unwind_x86.h
Examining data/crash-7.2.8/global_data.c
Examining data/crash-7.2.8/diskdump.c
Examining data/crash-7.2.8/dev.c
Examining data/crash-7.2.8/vmware_vmss.c
Examining data/crash-7.2.8/ppc.c
Examining data/crash-7.2.8/extensions/trace.c
Examining data/crash-7.2.8/extensions/snap.c
Examining data/crash-7.2.8/extensions/eppic.c
Examining data/crash-7.2.8/extensions/echo.c
Examining data/crash-7.2.8/extensions/dminfo.c
Examining data/crash-7.2.8/unwind_arm.c
Examining data/crash-7.2.8/ppc64.c
Examining data/crash-7.2.8/x86.c
Examining data/crash-7.2.8/extensions.c
Examining data/crash-7.2.8/s390.c
Examining data/crash-7.2.8/arm64.c
Examining data/crash-7.2.8/ibm_common.h
Examining data/crash-7.2.8/va_server.h
Examining data/crash-7.2.8/x86_64.c
Examining data/crash-7.2.8/lkcd_v8.c
Examining data/crash-7.2.8/task.c
Examining data/crash-7.2.8/sadump.c
Examining data/crash-7.2.8/bpf.c
Examining data/crash-7.2.8/main.c
Examining data/crash-7.2.8/lkcd_common.c
Examining data/crash-7.2.8/ipcs.c
Examining data/crash-7.2.8/gdb_interface.c
Examining data/crash-7.2.8/lkcd_fix_mem.c
Examining data/crash-7.2.8/vas_crash.h
Examining data/crash-7.2.8/xen_hyper_command.c
Examining data/crash-7.2.8/unwind_decoder.c
Examining data/crash-7.2.8/qemu-load.h
Examining data/crash-7.2.8/lkcd_x86_trace.c
Examining data/crash-7.2.8/sadump.h
Examining data/crash-7.2.8/diskdump.h
Examining data/crash-7.2.8/lkcd_x86_trace.h
Examining data/crash-7.2.8/vmware_vmss.h
Examining data/crash-7.2.8/netdump.h
Examining data/crash-7.2.8/xen_hyper_defs.h
Examining data/crash-7.2.8/s390x.c
Examining data/crash-7.2.8/xen_dom0.c
Examining data/crash-7.2.8/lkcd_v5.c
Examining data/crash-7.2.8/makedumpfile.c
Examining data/crash-7.2.8/unwind.c
Examining data/crash-7.2.8/lkcd_vmdump_v2_v3.h
Examining data/crash-7.2.8/filesys.c
Examining data/crash-7.2.8/qemu-load.c
Examining data/crash-7.2.8/qemu.c
Examining data/crash-7.2.8/kernel.c
Examining data/crash-7.2.8/xen_dom0.h
Examining data/crash-7.2.8/xendump.h
Examining data/crash-7.2.8/cmdline.c
Examining data/crash-7.2.8/kvmdump.h
Examining data/crash-7.2.8/lkcd_v2_v3.c
Examining data/crash-7.2.8/net.c
Examining data/crash-7.2.8/lkcd_dump_v8.h
Examining data/crash-7.2.8/va_server_v1.c
Examining data/crash-7.2.8/lkcd_v7.c
Examining data/crash-7.2.8/remote.c
Examining data/crash-7.2.8/makedumpfile.h
Examining data/crash-7.2.8/xen_hyper.c
Examining data/crash-7.2.8/unwind_i.h
Examining data/crash-7.2.8/lkcd_dump_v5.h
Examining data/crash-7.2.8/s390_dump.c
Examining data/crash-7.2.8/mips.c
FINAL RESULTS:
data/crash-7.2.8/configure.c:1081:13: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown("Makefile", target_data.statbuf.st_uid,
data/crash-7.2.8/alpha.c:712:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/alpha.c:1264:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor1, "<%s>", name);
data/crash-7.2.8/alpha.c:1265:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, "<%s+", name);
data/crash-7.2.8/alpha.c:2014:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "0x%lx <%s>%s",
data/crash-7.2.8/alpha.c:2051:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/alpha.c:2053:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/alpha.c:2054:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/alpha.c:2057:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/alpha.c:2073:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/alpha.c:2076:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/alpha.c:2499:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/alpha.c:2500:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/arm.c:490:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/arm.c:1588:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/arm.c:1590:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/arm.c:1591:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/arm.c:1594:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/arm.c:1610:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/arm.c:1613:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/arm64.c:790:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/arm64.c:3177:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/arm64.c:3189:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/arm64.c:3204:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, is_64_bit ? "%016lx" : "%08lx",
data/crash-7.2.8/arm64.c:3324:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/arm64.c:3325:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/arm64.c:3472:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/arm64.c:3474:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/arm64.c:3475:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/arm64.c:3478:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/arm64.c:3494:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/arm64.c:3497:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/arm64.c:3504:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/arm64.c:3510:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, " <%s%s>\n",
data/crash-7.2.8/bpf.c:209:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bpf->prog_hdr1, "%s %s %s %s ",
data/crash-7.2.8/bpf.c:215:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bpf->map_hdr1, "%s %s %s MAP_FLAGS",
data/crash-7.2.8/bpf.c:473:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, strip_linefeeds(buf1));
data/crash-7.2.8/bpf.c:487:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4, "<%s>", symbol);
data/crash-7.2.8/bpf.c:701:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, p);
data/crash-7.2.8/bpf.c:731:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, p);
data/crash-7.2.8/bpf.c:760:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&retbuf[strlen(retbuf)], "%s%ld",
data/crash-7.2.8/bpf.c:1148:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s", func_id_str);
data/crash-7.2.8/cmdline.c:91:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< %s/.%src",
data/crash-7.2.8/cmdline.c:95:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< .%src", pc->program_name);
data/crash-7.2.8/cmdline.c:99:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< %s", pc->input_file);
data/crash-7.2.8/cmdline.c:103:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "%s", pc->runtime_ifile_cmd);
data/crash-7.2.8/cmdline.c:110:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< %s/.%src",
data/crash-7.2.8/cmdline.c:114:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< .%src", pc->program_name);
data/crash-7.2.8/cmdline.c:117:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->command_line, "< %s", pc->input_file);
data/crash-7.2.8/cmdline.c:128:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->command_line, pc->readline);
data/crash-7.2.8/cmdline.c:133:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->orig_line, pc->command_line);
data/crash-7.2.8/cmdline.c:143:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->orig_line, pc->command_line);
data/crash-7.2.8/cmdline.c:191:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(local, s);
data/crash-7.2.8/cmdline.c:194:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "* %s", &local[1]);
data/crash-7.2.8/cmdline.c:199:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "< %s", &local[1]);
data/crash-7.2.8/cmdline.c:214:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, path);
data/crash-7.2.8/cmdline.c:221:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "%s/%s", tok, filename);
data/crash-7.2.8/cmdline.c:223:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(access(buf1, X_OK) == 0)) {
data/crash-7.2.8/cmdline.c:272:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(input, entry->line);
data/crash-7.2.8/cmdline.c:304:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(input, entry->line);
data/crash-7.2.8/cmdline.c:321:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(input, entry->line);
data/crash-7.2.8/cmdline.c:398:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CRASHPAGER_buf, env);
data/crash-7.2.8/cmdline.c:401:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
!file_exists(arglist[0], NULL) || access(arglist[0], X_OK) ||
data/crash-7.2.8/cmdline.c:433:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, less_argv[0]);
data/crash-7.2.8/cmdline.c:437:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, more_argv[0]);
data/crash-7.2.8/cmdline.c:446:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%s%s",
data/crash-7.2.8/cmdline.c:496:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system("/bin/sh");
data/crash-7.2.8/cmdline.c:537:37: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(p, "w")) == NULL) {
data/crash-7.2.8/cmdline.c:558:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, p);
data/crash-7.2.8/cmdline.c:647:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, less_argv[0]);
data/crash-7.2.8/cmdline.c:650:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, more_argv[0]);
data/crash-7.2.8/cmdline.c:653:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, CRASHPAGER_argv[0]);
data/crash-7.2.8/cmdline.c:823:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor, "(%s)", comm ? ++comm : pc->pipe_command);
data/crash-7.2.8/cmdline.c:831:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "/proc/%s/stat", dp->d_name);
data/crash-7.2.8/cmdline.c:877:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "ps -ft %s", pc->my_tty);
data/crash-7.2.8/cmdline.c:880:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf1, "r")) == NULL) {
data/crash-7.2.8/cmdline.c:978:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(orig_prompt, "%s> ", pc->program_name);
data/crash-7.2.8/cmdline.c:1430:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->runtime_ifile_cmd, pc->orig_line);
data/crash-7.2.8/cmdline.c:1458:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->command_line, buf);
data/crash-7.2.8/cmdline.c:1460:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->orig_line, pc->command_line);
data/crash-7.2.8/cmdline.c:1516:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, inbuf);
data/crash-7.2.8/cmdline.c:1597:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, pc->command_line);
data/crash-7.2.8/cmdline.c:1601:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, &pc->command_line[args[1] - buf1]);
data/crash-7.2.8/cmdline.c:1631:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pc->command_line, remainder);
data/crash-7.2.8/cmdline.c:1745:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, ".%src", pc->program_name);
data/crash-7.2.8/cmdline.c:1750:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "$HOME/.%src", pc->program_name);
data/crash-7.2.8/cmdline.c:1775:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, ".%src", pc->program_name);
data/crash-7.2.8/cmdline.c:1778:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "$HOME/.%src", pc->program_name);
data/crash-7.2.8/cmdline.c:1869:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s ", args[i]);
data/crash-7.2.8/cmdline.c:2007:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->command_line, buf);
data/crash-7.2.8/cmdline.c:2011:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pc->command_line);
data/crash-7.2.8/cmdline.c:2013:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bufsave, buf);
data/crash-7.2.8/cmdline.c:2045:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, bufsave);
data/crash-7.2.8/cmdline.c:2101:22: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf, "r")) == NULL)
data/crash-7.2.8/cmdline.c:2106:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->my_tty, strip_line_end(&buf[strlen("/dev/")]));
data/crash-7.2.8/cmdline.c:2119:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf, "r")) == NULL)
data/crash-7.2.8/cmdline.c:2126:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->my_tty, arglist[5]);
data/crash-7.2.8/cmdline.c:2193:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, less_argv[0]);
data/crash-7.2.8/cmdline.c:2196:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, more_argv[0]);
data/crash-7.2.8/cmdline.c:2199:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->pipe_command, CRASHPAGER_argv[0]);
data/crash-7.2.8/cmdline.c:2222:4: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(path, less_argv);
data/crash-7.2.8/cmdline.c:2227:4: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(path, more_argv);
data/crash-7.2.8/cmdline.c:2232:4: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(path, CRASHPAGER_argv);
data/crash-7.2.8/cmdline.c:2283:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(cmd, "r")) == NULL) {
data/crash-7.2.8/cmdline.c:2366:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, p2);
data/crash-7.2.8/cmdline.c:2386:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(aif->fileptr, fileptr);
data/crash-7.2.8/cmdline.c:2418:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(aif->fileptr, fileptr);
data/crash-7.2.8/cmdline.c:2447:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, p2);
data/crash-7.2.8/cmdline.c:2476:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(aif->fileptr, fileptr);
data/crash-7.2.8/cmdline.c:2492:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pc->orig_line);
data/crash-7.2.8/cmdline.c:2493:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&buf[aif->start], inbuf);
data/crash-7.2.8/cmdline.c:2494:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, &pc->orig_line[aif->resume]);
data/crash-7.2.8/cmdline.c:2495:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->orig_line, buf);
data/crash-7.2.8/cmdline.c:2506:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, old);
data/crash-7.2.8/cmdline.c:2507:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&new[aif->start], inbuf);
data/crash-7.2.8/cmdline.c:2508:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(new, &old[aif->resume]);
data/crash-7.2.8/cmdline.c:2534:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(orig_line, pc->orig_line);
data/crash-7.2.8/cmdline.c:2545:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(save_args[i], orig_args[i]);
data/crash-7.2.8/cmdline.c:2555:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(orig_args[i], save_args[i]);
data/crash-7.2.8/cmdline.c:2559:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->orig_line, orig_line);
data/crash-7.2.8/configure.c:556:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target_data.release, buf);
data/crash-7.2.8/configure.c:583:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target_data.release, p);
data/crash-7.2.8/configure.c:781:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(target_data.gdb_version, "%s", &sp->GDB[4]);
data/crash-7.2.8/configure.c:804:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/gdb", gdb_version);
data/crash-7.2.8/configure.c:809:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(gdb_files, "GDB_%s_FILES",
data/crash-7.2.8/configure.c:870:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(fp = popen("./crash -v", "r"))) {
data/crash-7.2.8/configure.c:1075:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("mv Makefile.new Makefile") != 0) {
data/crash-7.2.8/configure.c:1192:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, line);
data/crash-7.2.8/configure.c:1196:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, p);
data/crash-7.2.8/configure.c:1265:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp1 = popen("date", "r");
data/crash-7.2.8/configure.c:1266:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp2 = popen("id", "r");
data/crash-7.2.8/configure.c:1267:8: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp3 = popen("gcc --version", "r");
data/crash-7.2.8/configure.c:1298:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(inbuf1, "%s", target_data.release);
data/crash-7.2.8/configure.c:1456:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, inbuf);
data/crash-7.2.8/configure.c:1526:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(crash_target, "%s/crash.target",
data/crash-7.2.8/configure.c:1677:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, initial);
data/crash-7.2.8/configure.c:1690:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, inbuf);
data/crash-7.2.8/dev.c:258:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%%%dlx ",
data/crash-7.2.8/dev.c:261:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf, cp->ops);
data/crash-7.2.8/dev.c:334:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%%%dlx ",
data/crash-7.2.8/dev.c:337:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf2, cdev);
data/crash-7.2.8/dev.c:406:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%%%dlx ",
data/crash-7.2.8/dev.c:409:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf2, cdev);
data/crash-7.2.8/dev.c:531:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%%%dlx ",
data/crash-7.2.8/dev.c:534:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf, bp->ops);
data/crash-7.2.8/dev.c:663:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%%%dlx ",
data/crash-7.2.8/dev.c:666:18: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf, major_fops[major]);
data/crash-7.2.8/dev.c:693:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%%%dlx ",
data/crash-7.2.8/dev.c:696:26: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf, major_fops[major]);
data/crash-7.2.8/dev.c:766:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%%%dlx ",
data/crash-7.2.8/dev.c:769:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, buf, gendisk);
data/crash-7.2.8/dev.c:1003:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, fmt, entry, start, end);
data/crash-7.2.8/diskdump.c:2213:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keybuf, "%s=", key);
data/crash-7.2.8/extensions.c:221:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ext->filename, "./%s", lib);
data/crash-7.2.8/extensions.c:223:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ext->filename, buf);
data/crash-7.2.8/extensions.c:230:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ext->filename, lib);
data/crash-7.2.8/extensions.c:256:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dlerror());
data/crash-7.2.8/extensions.c:303:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%s", env,
data/crash-7.2.8/extensions.c:311:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/usr/lib64/crash/extensions/%s", lib);
data/crash-7.2.8/extensions.c:316:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/usr/lib/crash/extensions/%s", lib);
data/crash-7.2.8/extensions.c:320:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "./extensions/%s", lib);
data/crash-7.2.8/extensions.c:337:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirbuf, env);
data/crash-7.2.8/extensions.c:381:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%s%s", dirbuf,
data/crash-7.2.8/extensions/snap.c:146:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/bin/ls -l %s\n", filename);
data/crash-7.2.8/extensions/snap.c:147:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buf);
data/crash-7.2.8/extensions/trace.c:180:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "failed to init the offset, struct:"\
data/crash-7.2.8/extensions/trace.c:268:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define print_offset(struct, member) fprintf(fp, \
data/crash-7.2.8/extensions/trace.c:851:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const char *system;
data/crash-7.2.8/extensions/trace.c:1169:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
free(event_types[i]->system);
data/crash-7.2.8/extensions/trace.c:1246:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int ftrace_get_event_type_system(ulong call, char *system, int len)
data/crash-7.2.8/extensions/trace.c:1287:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!read_string(sys_addr, system, len))
data/crash-7.2.8/extensions/trace.c:1404:19: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
char name[128], system[128], *print_fmt;
data/crash-7.2.8/extensions/trace.c:1412:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ftrace_get_event_type_system(call, system, 128) < 0 ||
data/crash-7.2.8/extensions/trace.c:1438:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
aevent_type->system = strdup(system);
data/crash-7.2.8/extensions/trace.c:1451:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!strcmp("ftrace", aevent_type->system))
data/crash-7.2.8/extensions/trace.c:1471:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
free(aevent_type->system);
data/crash-7.2.8/extensions/trace.c:1565:57: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
snprintf(path, sizeof(path), "%s/%s", events_path, t->system);
data/crash-7.2.8/extensions/trace.c:1570:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
t->system, t->name);
data/crash-7.2.8/extensions/trace.c:1779:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((file = popen(trace_cmd, "r"))) {
data/crash-7.2.8/extensions/trace.c:1805:15: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(file = popen(buf, "r")))
data/crash-7.2.8/extensions/trace.c:1925:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__pos += snprintf(__buf + __pos, tmp_file_size - __pos, fmt); \
data/crash-7.2.8/extensions/trace.c:1935:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__pos += snprintf(__buf + __pos, tmp_file_size - __pos, fmt);\
data/crash-7.2.8/extensions/trace.c:2155:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!system) {
data/crash-7.2.8/extensions/trace.c:2156:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system = event_types[i]->system;
data/crash-7.2.8/extensions/trace.c:2160:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!strcmp(event_types[i]->system, system))
data/crash-7.2.8/extensions/trace.c:2160:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!strcmp(event_types[i]->system, system))
data/crash-7.2.8/extensions/trace.c:2163:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!system)
data/crash-7.2.8/extensions/trace.c:2182:51: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (write_and_check(fd, (void *)event_types[i]->system,
data/crash-7.2.8/extensions/trace.c:2183:28: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
strlen(event_types[i]->system) + 1))
data/crash-7.2.8/filesys.c:384:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirbuf, "/usr/src/%s", dp->d_name);
data/crash-7.2.8/filesys.c:397:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/filesys.c:422:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/filesys.c:434:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/filesys.c:446:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/filesys.c:457:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/filesys.c:563:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/", pc->redhat_debug_loc);
data/crash-7.2.8/filesys.c:630:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(kernel, "%s%s", searchdirs[i], dp->d_name);
data/crash-7.2.8/filesys.c:658:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->namelist, kernel);
data/crash-7.2.8/filesys.c:728:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mount_points[i], arglist[1]);
data/crash-7.2.8/filesys.c:843:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(system_map, "%s%s", searchdirs[i],
data/crash-7.2.8/filesys.c:868:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->system_map, system_map);
data/crash-7.2.8/filesys.c:1026:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command,
data/crash-7.2.8/filesys.c:1030:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/filesys.c:1049:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, buf);
data/crash-7.2.8/filesys.c:1055:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, buf);
data/crash-7.2.8/filesys.c:1314:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf1);
data/crash-7.2.8/filesys.c:1390:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mount_files_header, "%s%s%s%sTYPE%sPATH\n",
data/crash-7.2.8/filesys.c:1504:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%-6s ", buf4);
data/crash-7.2.8/filesys.c:1509:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4, "%s ",
data/crash-7.2.8/filesys.c:1512:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4, "%s ",
data/crash-7.2.8/filesys.c:1515:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "%s%s", buf3, buf4);
data/crash-7.2.8/filesys.c:2201:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(header, "%s NRPAGES\n",
data/crash-7.2.8/filesys.c:2428:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(files_header, " FD%s%s%s%s%sNRPAGES%sTYPE%sPATH\n",
data/crash-7.2.8/filesys.c:2438:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(files_header, " FD%s%s%s%s%s%s%sTYPE%sPATH\n",
data/crash-7.2.8/filesys.c:2712:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, ref->refp);
data/crash-7.2.8/filesys.c:2772:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nlm_files_header,
data/crash-7.2.8/filesys.c:2847:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, nlm_header);
data/crash-7.2.8/filesys.c:2848:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, nlm_files_header);
data/crash-7.2.8/filesys.c:3124:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathname, "%s%s%s", buf,
data/crash-7.2.8/filesys.c:3127:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pathname,
data/crash-7.2.8/filesys.c:3204:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathbuf, dentry_buf + OFFSET(dentry_d_iname));
data/crash-7.2.8/filesys.c:3408:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fuser_header, " PID %s COMM USAGE\n",
data/crash-7.2.8/filesys.c:3441:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(task_buf, buf);
data/crash-7.2.8/filesys.c:3691:22: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(MODPROBE_CMD, "r")) == NULL) {
data/crash-7.2.8/filesys.c:3696:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(modname1, "%s.o", pc->memory_module);
data/crash-7.2.8/filesys.c:3697:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(modname2, "%s.ko", pc->memory_module);
data/crash-7.2.8/filesys.c:3701:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/crash-7.2.8/filesys.c:3800:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/sbin/modprobe %s", pc->memory_module);
data/crash-7.2.8/filesys.c:3804:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/filesys.c:3985:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/sbin/rmmod %s", pc->memory_module);
data/crash-7.2.8/filesys.c:3988:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
errors += system(command);
data/crash-7.2.8/filesys.c:4309:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/usr/bin/strings %s", filename);
data/crash-7.2.8/filesys.c:4310:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/gdb_interface.c:555:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "GNU_GET_DATATYPE[%s]",
data/crash-7.2.8/gdb_interface.c:805:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, first_space(pc->orig_line));
data/crash-7.2.8/gdb_interface.c:808:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pc->orig_line);
data/crash-7.2.8/gdb_interface.c:962:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "(%d buffer%s in use)\n",
data/crash-7.2.8/help.c:412:17: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(scroll = popen(scroll_command, "w")))
data/crash-7.2.8/help.c:418:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, *p, pc->program_name);
data/crash-7.2.8/help.c:7988:31: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(scroll = popen(scroll_command, "w")))
data/crash-7.2.8/help.c:8084:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, *p, pc->program_name, pc->program_name);
data/crash-7.2.8/help.c:8090:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, *p, pc->program_name);
data/crash-7.2.8/help.c:8095:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, *p, pc->program_name);
data/crash-7.2.8/help.c:8103:18: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, *p, pc->program_name, pc->program_name);
data/crash-7.2.8/help.c:8201:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, input_info[i],
data/crash-7.2.8/help.c:8244:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, output_info[i],
data/crash-7.2.8/ia64.c:320:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/ia64.c:1280:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/ia64.c:1281:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/ia64.c:1448:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/ia64.c:1450:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/ia64.c:1451:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/ia64.c:1454:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/ia64.c:1479:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>%s\n", value,
data/crash-7.2.8/ia64.c:1483:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/ia64.c:1502:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " <%s>;;\n",
data/crash-7.2.8/ia64.c:1507:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p2, "%s", buf1);
data/crash-7.2.8/ia64.c:1513:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " <%s>\n",
data/crash-7.2.8/ia64.c:1518:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p2, "%s", buf1);
data/crash-7.2.8/ia64.c:3423:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s", p2);
data/crash-7.2.8/ia64.c:3427:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s%s", i ? ", " : "", buf2);
data/crash-7.2.8/ia64.c:3429:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, ",\n %s", buf2);
data/crash-7.2.8/ia64.c:3525:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/kernel.c:826:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "cpu_%s_map", type);
data/crash-7.2.8/kernel.c:830:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "cpu_%s_mask", type);
data/crash-7.2.8/kernel.c:836:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "__cpu_%s_mask", type);
data/crash-7.2.8/kernel.c:848:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "cpu_%s_map", name);
data/crash-7.2.8/kernel.c:852:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "cpu_%s_mask", name);
data/crash-7.2.8/kernel.c:856:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "__cpu_%s_map", name);
data/crash-7.2.8/kernel.c:860:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "__cpu_%s_mask", name);
data/crash-7.2.8/kernel.c:883:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(map_symbol, "cpu_%s_map", type);
data/crash-7.2.8/kernel.c:1077:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(kt->proc_version, strip_linefeeds(buf));
data/crash-7.2.8/kernel.c:1133:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s:%s", pc->server, pc->server_memsrc);
data/crash-7.2.8/kernel.c:1135:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", ACTIVE() ? pc->live_memsrc : pc->dumpfile);
data/crash-7.2.8/kernel.c:1311:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/usr/bin/strings %s", namelist);
data/crash-7.2.8/kernel.c:1312:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/kernel.c:1334:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/crash-7.2.8/kernel.c:1357:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s:%s kernel",
data/crash-7.2.8/kernel.c:1360:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s kernel", ACTIVE() ?
data/crash-7.2.8/kernel.c:1362:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer5, " %s: %s\n %s: %s\n\n",
data/crash-7.2.8/kernel.c:1403:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s:%s", pc->server, pc->server_memsrc);
data/crash-7.2.8/kernel.c:1405:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s", ACTIVE() ? "live system" : pc->dumpfile);
data/crash-7.2.8/kernel.c:1407:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer5, " %s is %s -- %s is %s\n",
data/crash-7.2.8/kernel.c:1434:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/usr/bin/ls -d %s/arch/*/include/asm 2>/dev/null",
data/crash-7.2.8/kernel.c:1436:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r"))) {
data/crash-7.2.8/kernel.c:1438:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "directory %s", buf);
data/crash-7.2.8/kernel.c:1445:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "directory %s", kt->source_tree);
data/crash-7.2.8/kernel.c:1489:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf1);
data/crash-7.2.8/kernel.c:1506:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, argv[argc-1]);
data/crash-7.2.8/kernel.c:1524:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s: No such file or directory.", file);
data/crash-7.2.8/kernel.c:1572:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf1);
data/crash-7.2.8/kernel.c:1644:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, arg);
data/crash-7.2.8/kernel.c:2116:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf4, buf3);
data/crash-7.2.8/kernel.c:2634:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg_buf, optarg);
data/crash-7.2.8/kernel.c:2678:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, FRAMESIZE_DEBUG_MESSAGE);
data/crash-7.2.8/kernel.c:2696:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, FRAMESIZE_DEBUG_MESSAGE);
data/crash-7.2.8/kernel.c:3824:28: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, module_name);
data/crash-7.2.8/kernel.c:4129:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(treebuf, module);
data/crash-7.2.8/kernel.c:4135:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gdb_buffer, treebuf);
data/crash-7.2.8/kernel.c:4613:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, filename);
data/crash-7.2.8/kernel.c:4619:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.%s", modref, fileext[i]);
data/crash-7.2.8/kernel.c:4620:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(file, R_OK) == 0) {
data/crash-7.2.8/kernel.c:4622:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, file);
data/crash-7.2.8/kernel.c:4633:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.o", modref);
data/crash-7.2.8/kernel.c:4646:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "__insmod_%s_O/", modref);
data/crash-7.2.8/kernel.c:4657:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/lib/%s.o", modref);
data/crash-7.2.8/kernel.c:4661:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file, buf);
data/crash-7.2.8/kernel.c:4664:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, buf);
data/crash-7.2.8/kernel.c:4675:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/lib/%s.o", modref);
data/crash-7.2.8/kernel.c:4696:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, lm->mod_namelist);
data/crash-7.2.8/kernel.c:4711:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4714:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko.debug", modref);
data/crash-7.2.8/kernel.c:4722:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s", DEFAULT_REDHAT_DEBUG_LOCATION,
data/crash-7.2.8/kernel.c:4727:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s", env);
data/crash-7.2.8/kernel.c:4732:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4735:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko.debug", modref);
data/crash-7.2.8/kernel.c:4743:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/lib/modules/%s/updates", kt->utsname.release);
data/crash-7.2.8/kernel.c:4748:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4755:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/lib/modules/%s", kt->utsname.release);
data/crash-7.2.8/kernel.c:4760:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4767:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s", kt->module_tree);
data/crash-7.2.8/kernel.c:4772:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4775:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko.debug", modref);
data/crash-7.2.8/kernel.c:4788:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s", dirname(namelist));
data/crash-7.2.8/kernel.c:4793:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4796:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko.debug", modref);
data/crash-7.2.8/kernel.c:4805:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko", modref);
data/crash-7.2.8/kernel.c:4806:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/usr/lib/kpatch/%s", kt->utsname.release);
data/crash-7.2.8/kernel.c:4808:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.ko.debug", modref);
data/crash-7.2.8/kernel.c:4809:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/usr/lib/debug/usr/lib/kpatch/%s",
data/crash-7.2.8/kernel.c:5579:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/usr/bin/strings %s", namelist);
data/crash-7.2.8/kernel.c:5581:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/kernel.c:5602:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(debug_kernel_version_string, "(%s)", arglist[2]);
data/crash-7.2.8/kernel.c:5754:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/kernel.c:5767:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (*gdb_output_radix == 16) ? "%3x " : "%3d ", i);
data/crash-7.2.8/kernel.c:5806:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf3, (*gdb_output_radix == 16) ? "%lx" : "%ld",
data/crash-7.2.8/kernel.c:5811:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf1);
data/crash-7.2.8/kernel.c:6337:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg_buf, optarg);
data/crash-7.2.8/kernel.c:7102:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name_buf, buf);
data/crash-7.2.8/kernel.c:7242:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name_buf, buf2);
data/crash-7.2.8/kernel.c:10144:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(name, "CONFIG_%s", name);
data/crash-7.2.8/kernel.c:10218:3: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(name, "CONFIG_%s", name);
data/crash-7.2.8/kernel.c:10669:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, string);
data/crash-7.2.8/kernel.c:11405:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keybuf, "%s=", key);
data/crash-7.2.8/kvmdump.c:718:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(pc->dumpfile, W_OK) != 0)
data/crash-7.2.8/kvmdump.c:847:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s.map", pc->dumpfile);
data/crash-7.2.8/kvmdump.c:903:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mapfile, "%s.map", pc->dumpfile);
data/crash-7.2.8/kvmdump.h:86:49: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define dprintf(x...) do { if (*(kvm->debug)) fprintf(kvm->ofp, x); } while (0)
data/crash-7.2.8/lkcd_common.c:132:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, lkcd->panic_string);
data/crash-7.2.8/lkcd_common.c:149:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lkcd->panic_string, buf);
data/crash-7.2.8/lkcd_common.c:172:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(errbuf, s);
data/crash-7.2.8/lkcd_common.c:1294:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, BUFSIZE, fmt, ap);
data/crash-7.2.8/lkcd_v7.c:89:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dumpfile_index_name, dumpfile);
data/crash-7.2.8/lkcd_v7.c:100:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dumpfile_index_name, dumpfile);
data/crash-7.2.8/lkcd_v8.c:282:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dumpfile_index_name, dumpfile);
data/crash-7.2.8/lkcd_v8.c:291:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dumpfile_index_name, dumpfile);
data/crash-7.2.8/lkcd_x86_trace.c:157:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "(%s)", buf);
data/crash-7.2.8/lkcd_x86_trace.c:2762:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " (via %s)", sp->name);
data/crash-7.2.8/lkcd_x86_trace.c:2766:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " (via %s)", sp->name);
data/crash-7.2.8/main.c:1034:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s", cmd);
data/crash-7.2.8/main.c:1039:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, args[i]);
data/crash-7.2.8/main.c:1043:26: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, args[i]);
data/crash-7.2.8/main.c:1045:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(command) == -1)
data/crash-7.2.8/main.c:1195:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->home, p1);
data/crash-7.2.8/main.c:1196:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(homerc, "%s/.%src", pc->home, pc->program_name);
data/crash-7.2.8/main.c:1211:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(localrc, ".%src", pc->program_name);
data/crash-7.2.8/main.c:1256:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sRUNTIME", others++ ? "|" : "");
data/crash-7.2.8/main.c:1258:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sLIVE_SYSTEM",
data/crash-7.2.8/main.c:1261:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTTY", others++ ? "|" : "");
data/crash-7.2.8/main.c:1263:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sIN_FOREACH", others++ ? "|" : "");
data/crash-7.2.8/main.c:1265:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sMFD_RDWR", others++ ? "|" : "");
data/crash-7.2.8/main.c:1267:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sKVMDUMP", others++ ? "|" : "");
data/crash-7.2.8/main.c:1269:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sSILENT", others++ ? "|" : "");
data/crash-7.2.8/main.c:1271:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sHASH", others++ ? "|" : "");
data/crash-7.2.8/main.c:1273:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sSCROLL", others++ ? "|" : "");
data/crash-7.2.8/main.c:1275:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sNO_CONSOLE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1277:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sMCLXCD", others++ ? "|" : "");
data/crash-7.2.8/main.c:1279:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sRUNTIME_IFILE",
data/crash-7.2.8/main.c:1282:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sCMDLINE_IFILE",
data/crash-7.2.8/main.c:1285:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sDROP_CORE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1287:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sLKCD", others++ ? "|" : "");
data/crash-7.2.8/main.c:1289:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sGDB_INIT", others++ ? "|" : "");
data/crash-7.2.8/main.c:1291:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sIN_GDB", others++ ? "|" : "");
data/crash-7.2.8/main.c:1293:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sRCHOME_IFILE",
data/crash-7.2.8/main.c:1296:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sRCLOCAL_IFILE",
data/crash-7.2.8/main.c:1299:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sREADLINE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1301:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1304:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sIN_RESTART", others++ ? "|" : "");
data/crash-7.2.8/main.c:1306:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1309:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1312:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1315:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1318:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1321:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1324:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1327:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1330:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1333:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1336:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1339:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1342:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1345:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1348:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1351:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1354:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1357:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1360:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1363:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1366:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1369:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1372:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1375:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1378:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1381:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1384:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1387:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1390:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1393:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1396:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1399:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1402:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1405:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1408:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1411:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1414:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1417:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1420:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1423:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1431:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "\n%s\n",
data/crash-7.2.8/main.c:1441:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, buf2);
data/crash-7.2.8/main.c:1569:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1572:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1575:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1578:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1581:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1584:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1587:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1590:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1593:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1596:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1599:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/makedumpfile.c:378:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/usr/bin/strings -n %d %s", c, file);
data/crash-7.2.8/makedumpfile.c:380:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf, "r")) == NULL)
data/crash-7.2.8/memory.c:1575:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readtype, "64-bit %s", addrtype);
data/crash-7.2.8/memory.c:1585:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readtype, "32-bit %s", addrtype);
data/crash-7.2.8/memory.c:1593:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readtype, "16-bit %s", addrtype);
data/crash-7.2.8/memory.c:1601:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readtype, "8-bit %s", addrtype);
data/crash-7.2.8/memory.c:1658:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%llx:%s]",
data/crash-7.2.8/memory.c:1662:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%s]", slab);
data/crash-7.2.8/memory.c:1669:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, hex_64_fmt, LONG_LONG_PRLEN,
data/crash-7.2.8/memory.c:1675:33: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, dec_64_fmt, mem.u64);
data/crash-7.2.8/memory.c:1677:33: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, dec_u64_fmt, mem.u64);
data/crash-7.2.8/memory.c:1686:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INT_PRLEN == 16 ?
data/crash-7.2.8/memory.c:1695:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%x:%s]",
data/crash-7.2.8/memory.c:1698:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%s]", slab);
data/crash-7.2.8/memory.c:1699:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INT_PRLEN == 16 ?
data/crash-7.2.8/memory.c:2043:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(retbuf, INT_PRLEN == 16 ?
data/crash-7.2.8/memory.c:2047:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%lx:%s]", value, slab);
data/crash-7.2.8/memory.c:2049:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%s]", slab);
data/crash-7.2.8/memory.c:2050:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(retbuf, INT_PRLEN == 16 ?
data/crash-7.2.8/memory.c:2061:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(retbuf, "%-16s", buf);
data/crash-7.2.8/memory.c:2064:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%lx:%s]", value, slab);
data/crash-7.2.8/memory.c:2066:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "[%s]", slab);
data/crash-7.2.8/memory.c:2067:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(retbuf, "%-16s", buf);
data/crash-7.2.8/memory.c:2727:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(membuf, debug ? "UVADDR" : "user virtual");
data/crash-7.2.8/memory.c:2730:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(membuf, debug ? "KVADDR" : "kernel virtual");
data/crash-7.2.8/memory.c:2733:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(membuf, debug ? "PHYSADDR" : "physical");
data/crash-7.2.8/memory.c:2736:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(membuf, debug ? "XENMACHADDR" : "xen machine");
data/crash-7.2.8/memory.c:2739:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(membuf, debug ? "FILEADDR" : "dumpfile");
data/crash-7.2.8/memory.c:2766:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sROE", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2768:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sFOE", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2770:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sQ", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2772:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sHB", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2774:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sRP", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2776:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&ebuf[strlen(ebuf)], "%sNDS", others++ ? "|" : "");
data/crash-7.2.8/memory.c:3939:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(vma_header, "%s%s%s%s%s FLAGS%sFILE\n",
data/crash-7.2.8/memory.c:4132:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s %s\n",
data/crash-7.2.8/memory.c:4151:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s SWAP: %s\n",
data/crash-7.2.8/memory.c:4168:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf4, buf3);
data/crash-7.2.8/memory.c:4184:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s FILE: %s\n",
data/crash-7.2.8/memory.c:4203:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s (not mapped)\n",
data/crash-7.2.8/memory.c:4364:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, optlist);
data/crash-7.2.8/memory.c:4491:19: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4531:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4534:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4537:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4541:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4545:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4548:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4551:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4554:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4568:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4577:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4593:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufferindex += sprintf(outputbuffer + bufferindex, "%s ",
data/crash-7.2.8/memory.c:4596:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:5414:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style1, "%%lx%s%%%dllx%s%%%dlx%s%%8lx %%2d%s",
data/crash-7.2.8/memory.c:5421:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style2, "%%-%dlx%s%%%dllx%s%s%s%s %2s ",
data/crash-7.2.8/memory.c:5430:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style3, "%%-%dlx%s%%%dllx%s%s%s%s %%2d ",
data/crash-7.2.8/memory.c:5438:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style4, "%%-%dlx%s%%%dllx%s%%%dlx%s%%8lx %%2d ",
data/crash-7.2.8/memory.c:5449:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s%s%s%s%s%s%s%sCNT FLAGS\n",
data/crash-7.2.8/memory.c:5460:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s", mkstring(buf1, VADDR_PRLEN, CENTER, "PAGE"));
data/crash-7.2.8/memory.c:5462:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&hdr[strlen(hdr)], " %s",
data/crash-7.2.8/memory.c:5466:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s%s%s%s%s%s%sCNT FLAGS\n",
data/crash-7.2.8/memory.c:5708:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:5719:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:5722:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:5725:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:5732:23: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define sprintflag(X) sprintf(outputbuffer + bufferindex, X, others++ ? "," : "")
data/crash-7.2.8/memory.c:5903:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style1, "%%lx%s%%%dllx%s%%%dlx%s%%8lx %%2d%s",
data/crash-7.2.8/memory.c:5910:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style2, "%%-%dlx%s%%%dllx%s%s%s%s %2s ",
data/crash-7.2.8/memory.c:5919:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style3, "%%-%dlx%s%%%dllx%s%s%s%s %%2d ",
data/crash-7.2.8/memory.c:5927:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)&style4, "%%-%dlx%s%%%dllx%s%%%dlx%s%%8lx %%2d ",
data/crash-7.2.8/memory.c:5938:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s%s%s%s%s%s%s%sCNT FLAGS\n",
data/crash-7.2.8/memory.c:5949:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s", mkstring(buf1, VADDR_PRLEN, CENTER, "PAGE"));
data/crash-7.2.8/memory.c:5951:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&hdr[strlen(hdr)], " %s",
data/crash-7.2.8/memory.c:5955:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(hdr, "%s%s%s%s%s%s%sCNT FLAGS\n",
data/crash-7.2.8/memory.c:6159:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:6170:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:6173:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:6176:21: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
bufferindex += sprintf(outputbuffer+bufferindex,
data/crash-7.2.8/memory.c:6183:23: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define sprintflag(X) sprintf(outputbuffer + bufferindex, X, others++ ? "," : "")
data/crash-7.2.8/memory.c:6504:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameptr, namebuf);
data/crash-7.2.8/memory.c:6567:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameptr, arglist[0] + strlen("PG_"));
data/crash-7.2.8/memory.c:6614:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%s%s",
data/crash-7.2.8/memory.c:6620:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, buf);
data/crash-7.2.8/memory.c:6783:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hash_table, buf);
data/crash-7.2.8/memory.c:6967:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_free_hdr, buf);
data/crash-7.2.8/memory.c:6972:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_free, buf);
data/crash-7.2.8/memory.c:7180:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area_hdr, buf);
data/crash-7.2.8/memory.c:7182:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7457:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_node, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7462:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_zone, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7466:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area_hdr, buf);
data/crash-7.2.8/memory.c:7468:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7836:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_node, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7841:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_zone, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7845:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area_hdr, buf);
data/crash-7.2.8/memory.c:7847:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_area, strip_linefeeds(buf));
data/crash-7.2.8/memory.c:7985:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(namebuf, "%-8s", buf1);
data/crash-7.2.8/memory.c:9463:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(slab_hdr,
data/crash-7.2.8/memory.c:9468:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(slab_hdr,
data/crash-7.2.8/memory.c:9475:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(kmem_cache_hdr,
data/crash-7.2.8/memory.c:10016:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, si->ignore);
data/crash-7.2.8/memory.c:13912:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, mbs ? "%ld GB %ld MB" : "%ld GB", gbs, mbs);
data/crash-7.2.8/memory.c:14559:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(si->buf, "(%s)", opt_string);
data/crash-7.2.8/memory.c:15789:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s OFFSET: %lld",
data/crash-7.2.8/memory.c:15792:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s OFFSET: %llx",
data/crash-7.2.8/memory.c:15977:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s OFFSET: %lx", file, offset);
data/crash-7.2.8/memory.c:16210:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf5, " %2d %s %s %s %s\n", id,
data/crash-7.2.8/memory.c:16242:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s %s START_PADDR START_MAPNR",
data/crash-7.2.8/memory.c:17271:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufidx += sprintf(buf + bufidx, "%s", "P");
data/crash-7.2.8/memory.c:17273:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufidx += sprintf(buf + bufidx, "%s", "M");
data/crash-7.2.8/memory.c:17275:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufidx += sprintf(buf + bufidx, "%s", "O");
data/crash-7.2.8/memory.c:17277:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
bufidx += sprintf(buf + bufidx, "%s", "E");
data/crash-7.2.8/memory.c:17360:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "ONLINE");
data/crash-7.2.8/memory.c:17363:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "GOING_OFFLINE");
data/crash-7.2.8/memory.c:17366:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "OFFLINE");
data/crash-7.2.8/memory.c:17369:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "GOING_ONLINE");
data/crash-7.2.8/memory.c:17372:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "CANCEL_ONLINE");
data/crash-7.2.8/memory.c:17375:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "CANCEL_OFFLINE");
data/crash-7.2.8/memory.c:17378:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", "UNKNOWN");
data/crash-7.2.8/memory.c:17413:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(parange, "%s",
data/crash-7.2.8/memory.c:17416:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(parange, "%s - %s",
data/crash-7.2.8/memory.c:17570:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(paddr_hdr, "%s", "PHYSICAL RANGE");
data/crash-7.2.8/memory.c:17572:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(paddr_hdr, "%s", "PHYSICAL START");
data/crash-7.2.8/memory.c:17575:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mb_hdr, "\n%s %s %s %s %s %s\n",
data/crash-7.2.8/memory.c:17583:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mb_hdr, "\n%s %s %s %s %s\n",
data/crash-7.2.8/memory.c:17955:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(start, arglist[0]);
data/crash-7.2.8/memory.c:18145:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameptr, arglist[c-1]);
data/crash-7.2.8/memory.c:18181:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", entry_list[i].name);
data/crash-7.2.8/memory.c:18310:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(start, arglist[0]);
data/crash-7.2.8/memory.c:18381:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(header, "%s BIT VALUE\n",
data/crash-7.2.8/mips.c:195:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, "%s" #flag, others++ ? "|" : "")
data/crash-7.2.8/net.c:90:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((f), "%s %s", (s), (m)); \
data/crash-7.2.8/net.c:909:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", pos ? ", " : "", inet_ntoa(ifa_address));
data/crash-7.2.8/net.c:1068:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%*s-%-*d%s",
data/crash-7.2.8/net.c:1075:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%*s-%-*d%s",
data/crash-7.2.8/net.c:1083:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], " %s-%d ",
data/crash-7.2.8/net.c:1087:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%s-%d",
data/crash-7.2.8/net.c:1121:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%*s ", BITS32() ? 22 : 12,
data/crash-7.2.8/net.c:1127:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%s", buf2);
data/crash-7.2.8/net.c:1178:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bp, "|%s", (s)); \
data/crash-7.2.8/net.c:1180:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bp, "%s", (s)); \
data/crash-7.2.8/netdump.c:129:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: open", file);
data/crash-7.2.8/netdump.c:146:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: ELF header read", file);
data/crash-7.2.8/netdump.c:498:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: section header lseek",
data/crash-7.2.8/netdump.c:505:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: section header read",
data/crash-7.2.8/netdump.c:532:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: lseek", file);
data/crash-7.2.8/netdump.c:537:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: ELF header read", file);
data/crash-7.2.8/netdump.c:582:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: lseek", file);
data/crash-7.2.8/netdump.c:587:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: ELF header read", file);
data/crash-7.2.8/netdump.c:610:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: open", file);
data/crash-7.2.8/netdump.c:617:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: read", file);
data/crash-7.2.8/netdump.c:892:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, BUFSIZE, fmt, ap);
data/crash-7.2.8/ppc.c:934:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/ppc.c:935:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/ppc.c:1726:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/ppc.c:1728:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/ppc.c:1729:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/ppc.c:1732:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/ppc.c:1748:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/ppc.c:1751:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/ppc.c:1966:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/ppc64.c:1614:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/ppc64.c:1615:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/ppc64.c:2856:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/ppc64.c:2858:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/ppc64.c:2859:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/ppc64.c:2862:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/ppc64.c:2878:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/ppc64.c:2881:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/ppc64.c:3177:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/ppc64.c:3224:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/ramdump.c:110:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "creating ELF dumpfile: %s", out_elf);
data/crash-7.2.8/remote.c:245:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuf, recvbuf);
data/crash-7.2.8/remote.c:262:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, buf1);
data/crash-7.2.8/remote.c:267:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, buf1);
data/crash-7.2.8/remote.c:279:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:299:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:303:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", DONEMSG,(ulong)len);
data/crash-7.2.8/remote.c:313:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:329:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", DONEMSG,(ulong)len); console("(%ld)\n", (ulong)len);
data/crash-7.2.8/remote.c:331:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:341:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:359:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", DONEMSG,
data/crash-7.2.8/remote.c:363:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:374:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:388:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s%s", savebuf,
data/crash-7.2.8/remote.c:397:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:416:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:428:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s %d",
data/crash-7.2.8/remote.c:436:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:441:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:443:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s ELF", savebuf);
data/crash-7.2.8/remote.c:445:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s DEVMEM", savebuf);
data/crash-7.2.8/remote.c:447:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s NETDUMP", savebuf);
data/crash-7.2.8/remote.c:449:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s MCLXCD", savebuf);
data/crash-7.2.8/remote.c:451:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s LKCD", savebuf);
data/crash-7.2.8/remote.c:453:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s S390D", savebuf);
data/crash-7.2.8/remote.c:455:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s UNSUPPORTED", savebuf);
data/crash-7.2.8/remote.c:464:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:468:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf,
data/crash-7.2.8/remote.c:472:23: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(readbuf, "r"))) {
data/crash-7.2.8/remote.c:476:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuf, readbuf);
data/crash-7.2.8/remote.c:478:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:481:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:490:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:499:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "/usr/bin/gzip -c %s", file);
data/crash-7.2.8/remote.c:501:37: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(readbuf, "r")) == NULL) {
data/crash-7.2.8/remote.c:502:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:520:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:524:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:528:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:547:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s <FAIL>", recvbuf);
data/crash-7.2.8/remote.c:556:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:560:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", savebuf,
data/crash-7.2.8/remote.c:570:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", recvbuf,
data/crash-7.2.8/remote.c:573:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", recvbuf,
data/crash-7.2.8/remote.c:576:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", recvbuf,
data/crash-7.2.8/remote.c:579:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", recvbuf,
data/crash-7.2.8/remote.c:582:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", recvbuf,
data/crash-7.2.8/remote.c:593:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", recvbuf, readbuf);
data/crash-7.2.8/remote.c:595:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", recvbuf);
data/crash-7.2.8/remote.c:603:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:611:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s %lx",
data/crash-7.2.8/remote.c:614:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s %lx",
data/crash-7.2.8/remote.c:618:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:626:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:631:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %lx", savebuf, total);
data/crash-7.2.8/remote.c:633:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", savebuf);
data/crash-7.2.8/remote.c:641:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:668:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %d", savebuf, retval);
data/crash-7.2.8/remote.c:675:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:685:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:717:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:721:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:725:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:740:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:754:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", savebuf,
data/crash-7.2.8/remote.c:759:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:768:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:773:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", savebuf,
data/crash-7.2.8/remote.c:779:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:785:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:794:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:815:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", DONEMSG,(ulong)len);
data/crash-7.2.8/remote.c:818:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:828:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:842:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", savebuf,
data/crash-7.2.8/remote.c:847:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:853:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:862:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:876:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s %s", savebuf,
data/crash-7.2.8/remote.c:881:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:887:33: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuf, readbuf);
data/crash-7.2.8/remote.c:896:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:915:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", DONEMSG,(ulong)len);
data/crash-7.2.8/remote.c:918:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:928:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(savebuf, recvbuf);
data/crash-7.2.8/remote.c:937:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "echo � | %s", p3);
data/crash-7.2.8/remote.c:939:37: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(readbuf, "r")) == NULL) {
data/crash-7.2.8/remote.c:941:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:959:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:963:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld", FAILMSG,
data/crash-7.2.8/remote.c:967:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s%07ld",
data/crash-7.2.8/remote.c:982:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s OK", recvbuf);
data/crash-7.2.8/remote.c:988:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "%s <FAIL>", recvbuf);
data/crash-7.2.8/remote.c:1052:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(output, BUFSIZE*2, fmt, ap);
data/crash-7.2.8/remote.c:1088:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "echo 'q' | /usr/bin/gdb %s", file);
data/crash-7.2.8/remote.c:1089:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf, "r")) == NULL)
data/crash-7.2.8/remote.c:1115:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen("/bin/cat /proc/version", "r")) == NULL)
data/crash-7.2.8/remote.c:1191:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/usr/bin/file -L %s", s);
data/crash-7.2.8/remote.c:1192:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(buf, "r")) == NULL) {
data/crash-7.2.8/remote.c:1312:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(kernel, "%s%s", searchdirs[i], dp->d_name);
data/crash-7.2.8/remote.c:1319:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "/usr/bin/strings %s", kernel);
data/crash-7.2.8/remote.c:1320:23: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL) {
data/crash-7.2.8/remote.c:1344:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(namelist, kernel);
data/crash-7.2.8/remote.c:1404:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirbuf, "/usr/src/%s", dp->d_name);
data/crash-7.2.8/remote.c:1416:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(searchdirs[cnt], "%s/", dirbuf);
data/crash-7.2.8/remote.c:1462:22: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(cmd, "r")) == NULL)
data/crash-7.2.8/remote.c:1476:29: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(cmd, "r")) == NULL)
data/crash-7.2.8/remote.c:1487:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mount_points[i], arglist[1]);
data/crash-7.2.8/remote.c:1658:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, line);
data/crash-7.2.8/remote.c:1662:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, p);
data/crash-7.2.8/remote.c:1706:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "%s/%s", DEFAULT_REDHAT_DEBUG_LOCATION, release);
data/crash-7.2.8/remote.c:1710:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir, "/lib/modules/%s", release);
data/crash-7.2.8/remote.c:1731:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command,
data/crash-7.2.8/remote.c:1735:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(command, "r")) == NULL)
data/crash-7.2.8/remote.c:1746:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, buf);
data/crash-7.2.8/remote.c:2067:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "TYPE %s", file);
data/crash-7.2.8/remote.c:2237:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "OPEN %s", rfp->filename);
data/crash-7.2.8/remote.c:2297:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, recvbuf);
data/crash-7.2.8/remote.c:2665:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "DEBUGGING_SYMBOLS %s", rfp->filename);
data/crash-7.2.8/remote.c:2669:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s@%s", rfp->filename, pc->server);
data/crash-7.2.8/remote.c:2724:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s@%s", p1, pc->server);
data/crash-7.2.8/remote.c:2731:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s@%s_%d", p1,pc->server, i);
data/crash-7.2.8/remote.c:2739:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p1, buf);
data/crash-7.2.8/remote.c:2778:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "LINUX_VERSION %s", rfp->filename);
data/crash-7.2.8/remote.c:2786:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "/usr/bin/strings %s | grep 'Linux version'",
data/crash-7.2.8/remote.c:2788:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(readbuf, "r"))) {
data/crash-7.2.8/remote.c:2821:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "SUM %s", rfp->filename);
data/crash-7.2.8/remote.c:2869:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s@%s", pc->server_memsrc, pc->server);
data/crash-7.2.8/remote.c:2876:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "%s", pc->namelist);
data/crash-7.2.8/remote.c:2907:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(local, rfp->filename);
data/crash-7.2.8/remote.c:2923:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(local, "%s@%s", basename(rfp->filename), pc->server);
data/crash-7.2.8/remote.c:2933:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rfp->local, local);
data/crash-7.2.8/remote.c:2936:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(local, "%s@%s_%d",
data/crash-7.2.8/remote.c:2970:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rfp->local, local);
data/crash-7.2.8/remote.c:3038:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(local, "%s@%s", basename(pc->server_memsrc), pc->server);
data/crash-7.2.8/remote.c:3098:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rfp->filename, p1);
data/crash-7.2.8/remote.c:3112:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "LKCD_DUMP_INIT %d %s", pc->rmfd, pc->server_memsrc);
data/crash-7.2.8/remote.c:3150:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "S390_DUMP_INIT %d %s", pc->rmfd, pc->server_memsrc);
data/crash-7.2.8/remote.c:3186:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "NETDUMP_INIT %d %s", pc->rmfd, pc->server_memsrc);
data/crash-7.2.8/remote.c:3293:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(recvbuf, "%s:FAIL", sendbuf);
data/crash-7.2.8/remote.c:3324:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "echo -n \'%s0%%)\'",
data/crash-7.2.8/remote.c:3334:42: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
sysret = system(readbuf);
data/crash-7.2.8/remote.c:3371:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(readbuf, "/usr/bin/gunzip > %s", pc->namelist);
data/crash-7.2.8/remote.c:3372:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((pipe = popen(readbuf, "w")) == NULL)
data/crash-7.2.8/remote.c:3376:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "READ_GZIP %ld %s", pc->rcvbufsize, rfp->filename);
data/crash-7.2.8/remote.c:3469:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(local, "%s@%s", basename(module), pc->server);
data/crash-7.2.8/remote.c:3482:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(local, "%s@%s", module, pc->server);
data/crash-7.2.8/remote.c:3486:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "FIND_MODULE %s %s",
data/crash-7.2.8/remote.c:3498:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(found, strtok(NULL, " ")); /* resultant path */
data/crash-7.2.8/remote.c:3514:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(retbuf, rfp->local);
data/crash-7.2.8/remote.c:3548:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "MEMORY FREE %s", type);
data/crash-7.2.8/remote.c:3584:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "MEMORY USED %s", type);
data/crash-7.2.8/remote.c:3624:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "MEMORY_DUMP %ld %s%s", pc->rcvbufsize, type,
data/crash-7.2.8/remote.c:3811:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sendbuf, "EXECUTE %ld %s", pc->rcvbufsize, command);
data/crash-7.2.8/s390.c:501:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/s390.c:502:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/s390.c:988:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/s390.c:990:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/s390.c:991:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/s390.c:994:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/s390.c:1010:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/s390.c:1013:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/s390.c:1138:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/s390dbf.c:366:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
rc += sprintf(out_buf,
data/crash-7.2.8/s390dbf.c:372:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
rc += sprintf(out_buf,
data/crash-7.2.8/s390dbf.c:506:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
rc = sprintf(out_buf + rc, "%s", buf);
data/crash-7.2.8/s390dbf.c:513:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
rc = sprintf(out_buf + rc, buf, (uaddr_t)(inbuf_cpy[0]),
data/crash-7.2.8/s390dbf.c:1295:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path_view, "%s/%s/%s", dbf_dir_name, area_name, view_name);
data/crash-7.2.8/s390dbf.c:1319:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dir_name_area, "%s/%s", dbf_dir_name, area_name);
data/crash-7.2.8/s390x.c:466:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(keybuf, "%s=", key);
data/crash-7.2.8/s390x.c:1146:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/s390x.c:1147:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/s390x.c:1834:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/s390x.c:1836:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/s390x.c:1837:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/s390x.c:1840:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/s390x.c:1857:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/s390x.c:1860:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/s390x.c:1985:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/symbols.c:304:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirname, pc->namelist);
data/crash-7.2.8/symbols.c:317:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->debuginfo_file, "%s", pc->namelist_debug);
data/crash-7.2.8/symbols.c:340:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->debuginfo_file, "%s/%s", dirname, contents);
data/crash-7.2.8/symbols.c:357:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->debuginfo_file, "%s/.debug/%s", dirname, contents);
data/crash-7.2.8/symbols.c:374:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pc->debuginfo_file, "/usr/lib/debug/boot/%s", contents);
data/crash-7.2.8/symbols.c:549:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, name);
data/crash-7.2.8/symbols.c:560:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, name);
data/crash-7.2.8/symbols.c:850:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, syment.name);
data/crash-7.2.8/symbols.c:1427:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rodata, "__insmod_%s_S.rodata", name);
data/crash-7.2.8/symbols.c:1435:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lm->mod_name, name);
data/crash-7.2.8/symbols.c:1450:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", "_MODULE_START_", name);
data/crash-7.2.8/symbols.c:1499:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1,
data/crash-7.2.8/symbols.c:1519:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "__insmod_%s_O/", lm->mod_name);
data/crash-7.2.8/symbols.c:1553:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", "_MODULE_END_", name);
data/crash-7.2.8/symbols.c:1582:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "_MODULE_START_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:1583:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "_MODULE_END_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:1784:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lm->mod_name, mod_name);
data/crash-7.2.8/symbols.c:1822:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", "_MODULE_START_", mod_name);
data/crash-7.2.8/symbols.c:1832:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "%s%s", "_MODULE_INIT_START_", mod_name);
data/crash-7.2.8/symbols.c:1894:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1,
data/crash-7.2.8/symbols.c:1967:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1,
data/crash-7.2.8/symbols.c:2014:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", "_MODULE_END_", mod_name);
data/crash-7.2.8/symbols.c:2024:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4, "%s%s", "_MODULE_INIT_END_", mod_name);
data/crash-7.2.8/symbols.c:2054:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "_MODULE_START_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:2055:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "_MODULE_END_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:2056:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "_MODULE_INIT_START_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:2057:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf4, "_MODULE_INIT_END_%s", lm->mod_name);
data/crash-7.2.8/symbols.c:2575:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, s);
data/crash-7.2.8/symbols.c:2591:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, colon+2);
data/crash-7.2.8/symbols.c:2596:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s <%s+%ld>:\t%s",
data/crash-7.2.8/symbols.c:2599:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s <%s>:\t%s",
data/crash-7.2.8/symbols.c:2611:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, s);
data/crash-7.2.8/symbols.c:2628:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "<%s+%ld>\n",
data/crash-7.2.8/symbols.c:2631:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "<%s>\n", sp->name);
data/crash-7.2.8/symbols.c:2767:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(s1->name, "_MODULE_SECTION_START [%s]", sn1);
data/crash-7.2.8/symbols.c:2769:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(s1->name, "_MODULE_SECTION_END [%s]", sn1);
data/crash-7.2.8/symbols.c:2772:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(s2->name, "_MODULE_SECTION_START [%s]", sn2);
data/crash-7.2.8/symbols.c:2774:4: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(s2->name, "_MODULE_SECTION_END [%s]", sn2);
data/crash-7.2.8/symbols.c:3729:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempname, "%s/%s_XXXXXX", tmpdir, basename(file));
data/crash-7.2.8/symbols.c:3739:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(message, "uncompressing %s", file);
data/crash-7.2.8/symbols.c:3744:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s -c %s > %s",
data/crash-7.2.8/symbols.c:3750:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s -c %s > %s",
data/crash-7.2.8/symbols.c:3756:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "%s -c %s > %s",
data/crash-7.2.8/symbols.c:3762:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(command) < 0) {
data/crash-7.2.8/symbols.c:4231:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (radix == 16) ? "+0x%lx" : "+%ld",
data/crash-7.2.8/symbols.c:4239:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (radix == 16) ?
data/crash-7.2.8/symbols.c:4290:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%s",
data/crash-7.2.8/symbols.c:4337:41: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf,
data/crash-7.2.8/symbols.c:4343:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "in %s module", lm->mod_name);
data/crash-7.2.8/symbols.c:4352:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, bfd_get_section_name(st->bfd,
data/crash-7.2.8/symbols.c:4746:28: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, radix == 16 ?
data/crash-7.2.8/symbols.c:4750:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", sp->name);
data/crash-7.2.8/symbols.c:4751:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, buf);
data/crash-7.2.8/symbols.c:4757:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "(%s module)", lm->mod_name);
data/crash-7.2.8/symbols.c:4760:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, radix == 16 ?
data/crash-7.2.8/symbols.c:4762:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, buf);
data/crash-7.2.8/symbols.c:5031:25: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, radix == 16 ? "%s+0x%lx" : "%s+%ld",
data/crash-7.2.8/symbols.c:5034:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", sp->name);
data/crash-7.2.8/symbols.c:5048:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, radix == 16 ?
data/crash-7.2.8/symbols.c:5053:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, radix == 16 ?
data/crash-7.2.8/symbols.c:5059:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "(%s)", locbuf);
data/crash-7.2.8/symbols.c:5061:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", locbuf);
data/crash-7.2.8/symbols.c:5064:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", locbuf);
data/crash-7.2.8/symbols.c:5174:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, &symbol[1]);
data/crash-7.2.8/symbols.c:5275:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, &symbol[1]);
data/crash-7.2.8/symbols.c:5481:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(old, "per_cpu__%s", symbol);
data/crash-7.2.8/symbols.c:5615:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, name);
data/crash-7.2.8/symbols.c:5631:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "struct %s", name);
data/crash-7.2.8/symbols.c:5636:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "union %s", name);
data/crash-7.2.8/symbols.c:5806:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "printf \"%%p\", &((struct %s *)0x0)->%s", name, member);
data/crash-7.2.8/symbols.c:5821:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "printf \"%%p\", &((union %s *)0x0)->%s", name, member);
data/crash-7.2.8/symbols.c:5954:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/crash-7.2.8/symbols.c:6074:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s.", dm->name);
data/crash-7.2.8/symbols.c:6075:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, &buf1[2]);
data/crash-7.2.8/symbols.c:6078:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf2, buf3);
data/crash-7.2.8/symbols.c:6109:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(member, " *%s;", dm->member);
data/crash-7.2.8/symbols.c:6115:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(member, "**%s;", dm->member);
data/crash-7.2.8/symbols.c:6122:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(member, "(*%s)(", dm->member);
data/crash-7.2.8/symbols.c:6129:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(member, " %s;", dm->member);
data/crash-7.2.8/symbols.c:6133:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, typeptr);
data/crash-7.2.8/symbols.c:6267:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "p %s\n", sym);
data/crash-7.2.8/symbols.c:6269:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "p *((%s)(0x%lx))\n", typeptr, target);
data/crash-7.2.8/symbols.c:6514:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(structname, args[optind]);
data/crash-7.2.8/symbols.c:6518:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(members, separator+1);
data/crash-7.2.8/symbols.c:7137:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "whatis %s", s);
data/crash-7.2.8/symbols.c:7213:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/crash-7.2.8/symbols.c:7373:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "whatis %s", expr);
data/crash-7.2.8/symbols.c:7390:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(GETBUF(len + 1), p);
data/crash-7.2.8/symbols.c:7454:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(leader, "per_cpu(%s, %u)",
data/crash-7.2.8/symbols.c:7460:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(leader, "&per_cpu(%s, %u)",
data/crash-7.2.8/symbols.c:7533:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, args[0]);
data/crash-7.2.8/symbols.c:7648:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "output *(%s *)0x%lx", s, addr);
data/crash-7.2.8/symbols.c:7650:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "output *(struct %s *)0x%lx", s, addr);
data/crash-7.2.8/symbols.c:7671:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "output *(%s *)0x%lx", s, addr);
data/crash-7.2.8/symbols.c:7673:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "output *(union %s *)0x%lx", s, addr);
data/crash-7.2.8/symbols.c:7691:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookbuf, "ptype %s", st);
data/crash-7.2.8/symbols.c:7693:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookbuf, "ptype union %s", st);
data/crash-7.2.8/symbols.c:7695:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookbuf, "ptype struct %s", st);
data/crash-7.2.8/symbols.c:7713:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookbuf, "ptype %s", st);
data/crash-7.2.8/symbols.c:7729:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "whatis %s", sp->name);
data/crash-7.2.8/symbols.c:7862:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor1, " %s ", s);
data/crash-7.2.8/symbols.c:7863:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, " %s[", s);
data/crash-7.2.8/symbols.c:7915:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor1, " %s;", s);
data/crash-7.2.8/symbols.c:7916:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, "*%s;", s);
data/crash-7.2.8/symbols.c:7917:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor3, " %s[", s);
data/crash-7.2.8/symbols.c:7918:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor4, "*%s[", s);
data/crash-7.2.8/symbols.c:7919:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor5, " %s :", s);
data/crash-7.2.8/symbols.c:8102:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(pc->saved_fp, __VA_ARGS__); }
data/crash-7.2.8/symbols.c:8208:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current->value, s_e);
data/crash-7.2.8/symbols.c:8285:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(workbuf, inbuf);
data/crash-7.2.8/symbols.c:8339:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf1, *gdb_output_radix == 10 ?
data/crash-7.2.8/symbols.c:8342:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, fmt, " ");
data/crash-7.2.8/symbols.c:8360:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf1, *gdb_output_radix == 10 ? " [%ld]" : " [0x%lx]", offset);
data/crash-7.2.8/symbols.c:8362:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, fmt, buf1);
data/crash-7.2.8/symbols.c:8402:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy, s);
data/crash-7.2.8/symbols.c:8420:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "whatis %s", s);
data/crash-7.2.8/symbols.c:8436:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "ptype union %s", dm->name);
data/crash-7.2.8/symbols.c:8444:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "ptype struct %s", dm->name);
data/crash-7.2.8/symbols.c:8450:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor1, " %s[", dm->member);
data/crash-7.2.8/symbols.c:8451:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, "*%s[", dm->member);
data/crash-7.2.8/symbols.c:8648:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(revname, "%s_%s", pc->machine_type, uts->release);
data/crash-7.2.8/symbols.c:11167:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lm->mod_section_data[i].name, name);
data/crash-7.2.8/symbols.c:11432:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "__insmod_%s_S%s",
data/crash-7.2.8/symbols.c:11466:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "__insmod_%s_S", lm->mod_name);
data/crash-7.2.8/symbols.c:11535:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lm->mod_namelist, namelist);
data/crash-7.2.8/symbols.c:11616:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " -s %s 0x%lx", secname,
data/crash-7.2.8/symbols.c:11628:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " -s %s 0x%lx", secname, lm->mod_percpu);
data/crash-7.2.8/symbols.c:11666:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, " -s %s 0x%lx", secname, lm->mod_percpu);
data/crash-7.2.8/symbols.c:11671:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(req->buf, pbuf);
data/crash-7.2.8/symbols.c:11867:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "add-symbol-file %s 0x%lx %s",
data/crash-7.2.8/symbols.c:11878:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, " -s %s 0x%lx", section_name, section_vaddr);
data/crash-7.2.8/symbols.c:11883:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(req->buf, buf);
data/crash-7.2.8/symbols.c:12062:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lm->mod_namelist, namelist);
data/crash-7.2.8/symbols.c:12197:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, syminfo.name);
data/crash-7.2.8/symbols.c:12280:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "_MODULE_SECTION_START [%s]",
data/crash-7.2.8/symbols.c:12293:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "_MODULE_SECTION_END [%s]",
data/crash-7.2.8/symbols.c:12455:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(module_name, lm->mod_name);
data/crash-7.2.8/symbols.c:12897:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ? "" :
data/crash-7.2.8/symbols.c:12908:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ? "" :
data/crash-7.2.8/symbols.c:12973:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg,
data/crash-7.2.8/symbols.c:12996:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg, "invalid (optional) structure sizes: %s or %s",
data/crash-7.2.8/symbols.c:13024:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg, "invalid structure member offset: %s",
data/crash-7.2.8/symbols.c:13042:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(errmsg, "invalid structure size: %s", item);
data/crash-7.2.8/symbols.c:13078:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s\n%s FILE: %s LINE: %d FUNCTION: %s()\n",
data/crash-7.2.8/symbols.c:13135:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, nm_call, thisfile);
data/crash-7.2.8/symbols.c:13136:23: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!(pipe = popen(buf, "r"))) {
data/crash-7.2.8/symbols.c:13162:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(symbol, arglist[3]);
data/crash-7.2.8/symbols.c:13188:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, path);
data/crash-7.2.8/symbols.c:13195:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "%s/%s", tok, pc->program_name);
data/crash-7.2.8/symbols.c:13249:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "printm ((struct %s *)0x0).%s",
data/crash-7.2.8/symbols.c:13299:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ds->name, name);
data/crash-7.2.8/task.c:901:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ?
data/crash-7.2.8/task.c:948:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ? "" :
data/crash-7.2.8/task.c:1039:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ?
data/crash-7.2.8/task.c:1163:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ? "" :
data/crash-7.2.8/task.c:1200:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ?
data/crash-7.2.8/task.c:1359:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (pc->flags & SILENT) || !(pc->flags & TTY) ? "" :
data/crash-7.2.8/task.c:3244:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ref->str, optarg);
data/crash-7.2.8/task.c:3282:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ref->str, args[optind]);
data/crash-7.2.8/task.c:3286:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ref->str, args[optind]);
data/crash-7.2.8/task.c:3347:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(refcopy, ref->str);
data/crash-7.2.8/task.c:3416:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor1, "%s %s = ",
data/crash-7.2.8/task.c:3421:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, "%s }},",
data/crash-7.2.8/task.c:3425:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lookfor2, "%s}", space(cnt));
data/crash-7.2.8/task.c:3928:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ps_state[s].string, buf);
data/crash-7.2.8/task.c:3955:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, pc->output_radix == 10 ? "%lld" : "%llx",
data/crash-7.2.8/task.c:3977:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, format, task_last_run(tcp->task));
data/crash-7.2.8/task.c:3984:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, format, task_last_run(tc->task));
data/crash-7.2.8/task.c:3990:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, format, task_last_run(tcp->task));
data/crash-7.2.8/task.c:4043:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, pc->output_radix == 10 ? "%lld" : "%llx",
data/crash-7.2.8/task.c:4416:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s",
data/crash-7.2.8/task.c:4421:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s",
data/crash-7.2.8/task.c:4424:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s",
data/crash-7.2.8/task.c:5383:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pc->namelist);
data/crash-7.2.8/task.c:5730:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_INTERRUPTIBLE",
data/crash-7.2.8/task.c:5734:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_UNINTERRUPTIBLE",
data/crash-7.2.8/task.c:5738:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_STOPPED",
data/crash-7.2.8/task.c:5742:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_TRACED",
data/crash-7.2.8/task.c:5747:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sEXIT_DEAD|TASK_DEAD",
data/crash-7.2.8/task.c:5750:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sEXIT_DEAD",
data/crash-7.2.8/task.c:5755:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sEXIT_ZOMBIE",
data/crash-7.2.8/task.c:5759:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_WAKING",
data/crash-7.2.8/task.c:5763:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_WAKEKILL",
data/crash-7.2.8/task.c:5767:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_NOLOAD",
data/crash-7.2.8/task.c:5771:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_NEW",
data/crash-7.2.8/task.c:5776:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%sTASK_NONINTERACTIVE",
data/crash-7.2.8/task.c:5801:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "(unknown)" : "??");
data/crash-7.2.8/task.c:6019:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "(unknown)" : "?");
data/crash-7.2.8/task.c:7747:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7750:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7753:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7756:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7759:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7762:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7765:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7768:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7771:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7774:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7777:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7780:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7783:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7786:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7789:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7792:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7795:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7798:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7801:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7804:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:8522:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, \
data/crash-7.2.8/task.c:8532:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, \
data/crash-7.2.8/task.c:8544:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, \
data/crash-7.2.8/task.c:8783:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arg_buf, optarg);
data/crash-7.2.8/task.c:8853:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, pc->output_radix == 10 ? "%llu" : "%llx",
data/crash-7.2.8/task.c:8878:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, format, timestamp);
data/crash-7.2.8/task.c:10186:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, buf);
data/crash-7.2.8/task.c:10454:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s", c++ ? " " : "",
data/crash-7.2.8/task.c:10458:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%d",
data/crash-7.2.8/task.c:10461:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%d",
data/crash-7.2.8/task.c:10464:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s", c++ ? " " : "",
data/crash-7.2.8/task.c:10531:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ref->str, optarg);
data/crash-7.2.8/task.c:10577:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ref->str, args[optind]);
data/crash-7.2.8/tools.c:53:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp_str, target);
data/crash-7.2.8/tools.c:109:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, BUFSIZE, fmt, ap);
data/crash-7.2.8/tools.c:452:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, line);
data/crash-7.2.8/tools.c:456:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, p);
data/crash-7.2.8/tools.c:568:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "%s%s", insert, where);
data/crash-7.2.8/tools.c:569:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(where, p);
data/crash-7.2.8/tools.c:1149:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/crash-7.2.8/tools.c:1360:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, args[optind]);
data/crash-7.2.8/tools.c:1637:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, args[i]);
data/crash-7.2.8/tools.c:1724:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, opt);
data/crash-7.2.8/tools.c:2435:41: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->namelist, args[optind]);
data/crash-7.2.8/tools.c:2585:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], " in .%src file", pc->program_name);
data/crash-7.2.8/tools.c:2588:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[strlen(buf)], "%s ", args[i]);
data/crash-7.2.8/tools.c:2591:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, extra_message);
data/crash-7.2.8/tools.c:2729:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf1, args[optind]);
data/crash-7.2.8/tools.c:2772:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, s);
data/crash-7.2.8/tools.c:2880:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, p1+1);
data/crash-7.2.8/tools.c:2886:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, s);
data/crash-7.2.8/tools.c:3653:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->arg, arg);
data/crash-7.2.8/tools.c:3718:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case 1: fprintf(fp, buf, e->member[i], v.v8); break;
data/crash-7.2.8/tools.c:3719:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case 2: fprintf(fp, buf, e->member[i], v.v16); break;
data/crash-7.2.8/tools.c:3720:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case 4: fprintf(fp, buf, e->member[i], v.v32); break;
data/crash-7.2.8/tools.c:3721:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case 8: fprintf(fp, buf, e->member[i], v.v64); break;
data/crash-7.2.8/tools.c:4257:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(structname, ld->structname[idx]);
data/crash-7.2.8/tools.c:4261:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(members, p2);
data/crash-7.2.8/tools.c:4267:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(structname, arglist[i]);
data/crash-7.2.8/tools.c:4546:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(child_path, "%s/%d", path, off);
data/crash-7.2.8/tools.c:4698:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(child_path, "%s/%d", path, off);
data/crash-7.2.8/tools.c:4982:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_pos, "%s/l", pos);
data/crash-7.2.8/tools.c:5027:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_pos, "%s/l", pos);
data/crash-7.2.8/tools.c:5038:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_pos, "%s/r", pos);
data/crash-7.2.8/tools.c:5065:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(structname, td->structname[idx]);
data/crash-7.2.8/tools.c:5068:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(members, p1);
data/crash-7.2.8/tools.c:5074:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(structname, arglist[i]);
data/crash-7.2.8/tools.c:6036:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newstring, oldstring);
data/crash-7.2.8/tools.c:6161:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(output, BUFSIZE*2, fmt, ap);
data/crash-7.2.8/tools.c:6193:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pc->console, dev);
data/crash-7.2.8/tools.c:6361:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p1, p2);
data/crash-7.2.8/tools.c:6440:27: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
please_wait_len = sprintf(buf, "\rplease wait... (%s)", s);
data/crash-7.2.8/unwind.c:2342:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s",
data/crash-7.2.8/unwind.c:2349:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s%s", i ? ", " : "", buf2);
data/crash-7.2.8/unwind.c:2351:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, ",\n %s", buf2);
data/crash-7.2.8/va_server.c:433:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, fmt,
data/crash-7.2.8/vmware_vmss.c:442:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, LOGPRX"Memory dump is not part of this vmss file.\n");
data/crash-7.2.8/vmware_vmss.c:446:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, LOGPRX"Try to locate the companion vmem file ...\n");
data/crash-7.2.8/vmware_vmss.c:469:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, LOGPRX"vmem file: %s\n\n", vmem_filename);
data/crash-7.2.8/vmware_vmss.h:171:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf x; \
data/crash-7.2.8/x86.c:295:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "(%s)", buf1);
data/crash-7.2.8/x86.c:303:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf3, "(%s module)", name + strlen("_MODULE_START_"));
data/crash-7.2.8/x86.c:1212:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp,
data/crash-7.2.8/x86.c:1426:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, GDB_PATCHED() ?
data/crash-7.2.8/x86.c:2092:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/x86.c:3829:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/x86.c:3830:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/x86.c:3987:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", locbuf);
data/crash-7.2.8/x86.c:3994:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, locbuf);
data/crash-7.2.8/x86.c:4201:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/x86.c:4203:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/x86.c:4204:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/x86.c:4207:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/x86.c:4223:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/x86.c:4226:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/x86.c:4239:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " <%s>\n",
data/crash-7.2.8/x86.c:4244:33: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/x86.c:4584:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[i+1]);
data/crash-7.2.8/x86_64.c:2718:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, arglist[0]);
data/crash-7.2.8/x86_64.c:2719:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf3, arglist[2]);
data/crash-7.2.8/x86_64.c:3461:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/x86_64.c:4548:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp,
data/crash-7.2.8/x86_64.c:4562:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/x86_64.c:5393:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", locbuf);
data/crash-7.2.8/x86_64.c:5400:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, locbuf);
data/crash-7.2.8/x86_64.c:5434:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>", vaddr,
data/crash-7.2.8/x86_64.c:5436:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf2, "%s%s", buf1, colon);
data/crash-7.2.8/x86_64.c:5437:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(inbuf, buf2);
data/crash-7.2.8/x86_64.c:5440:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, inbuf);
data/crash-7.2.8/x86_64.c:5456:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "0x%lx <%s>\n", value,
data/crash-7.2.8/x86_64.c:5459:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/x86_64.c:5475:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " <%s>\n",
data/crash-7.2.8/x86_64.c:5478:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p1, "%s", buf1);
data/crash-7.2.8/x86_64.c:5697:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s STACKS:\n", machdep->machspec->stkinfo.exception_stacks[i]);
data/crash-7.2.8/x86_64.c:5963:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, machdep->cmdline_args[index]);
data/crash-7.2.8/x86_64.c:6394:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(link_register, arglist[3]);
data/crash-7.2.8/x86_64.c:7776:18: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, (*gdb_output_radix == 16) ?
data/crash-7.2.8/x86_64.c:8453:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf);
data/crash-7.2.8/xen_hyper_command.c:226:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, " DID %s ST T ",
data/crash-7.2.8/xen_hyper_command.c:301:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf1, "%s%s%5d ", act, crash, dc->domain_id);
data/crash-7.2.8/xen_hyper_command.c:304:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf1[strlen(buf1)], "%s ",
data/crash-7.2.8/xen_hyper_command.c:306:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf1[strlen(buf1)], "%s ",
data/crash-7.2.8/xen_hyper_command.c:755:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%5d ", act, pcc->processor_id);
data/crash-7.2.8/xen_hyper_command.c:1267:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%5d %5d ", act, crash, vcc->vcpu_id, vcc->processor);
data/crash-7.2.8/xen_hyper_command.c:1299:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "(unknown)" : "??");
data/crash-7.2.8/xen_hyper_command.c:1302:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_SHUTDOWN" : "SF");
data/crash-7.2.8/xen_hyper_command.c:1304:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_DYING" : "DY");
data/crash-7.2.8/xen_hyper_command.c:1306:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_CTRL_PAUSE" : "CP");
data/crash-7.2.8/xen_hyper_command.c:1308:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_POLLING" : "PO");
data/crash-7.2.8/xen_hyper_command.c:1310:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_PAUSED" : "PA");
data/crash-7.2.8/xen_hyper_command.c:1312:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_RUNNING" : "RU");
data/crash-7.2.8/xen_hyper_command.c:1316:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_SHUTDOWN" : "SF");
data/crash-7.2.8/xen_hyper_command.c:1318:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_SHUTTINGDOWN" : "SH");
data/crash-7.2.8/xen_hyper_command.c:1320:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_DYING" : "DY");
data/crash-7.2.8/xen_hyper_command.c:1322:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_CTRL_PAUSE" : "CP");
data/crash-7.2.8/xen_hyper_command.c:1324:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_POLLING" : "PO");
data/crash-7.2.8/xen_hyper_command.c:1326:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "DOMAIN_RUNNING" : "RU");
data/crash-7.2.8/xen_hyper_command.c:1346:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "(unknown)" : "??");
data/crash-7.2.8/xen_hyper_command.c:1349:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "VCPU_RUNNING" : "RU");
data/crash-7.2.8/xen_hyper_command.c:1351:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "VCPU_BLOCKED" : "BL");
data/crash-7.2.8/xen_hyper_command.c:1353:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "VCPU_OFFLINE" : "OF");
data/crash-7.2.8/xen_hyper_command.c:1355:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "(unknown)" : "??");
data/crash-7.2.8/xen_hyper_command.c:1388:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "dom_io" : "O");
data/crash-7.2.8/xen_hyper_command.c:1391:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "dom_xen" : "X");
data/crash-7.2.8/xen_hyper_command.c:1394:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "idle domain" : "I");
data/crash-7.2.8/xen_hyper_command.c:1397:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "domain 0" : "0");
data/crash-7.2.8/xen_hyper_command.c:1400:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, verbose ? "domain U" : "U");
data/crash-7.2.8/xen_hyper_defs.h:826:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf args; \
data/crash-7.2.8/xendump.c:70:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s: open", file);
data/crash-7.2.8/xendump.c:1103:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, xd->xc_core.p2m_frames ? "\n" : "");
data/crash-7.2.8/xendump.c:1935:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, stack);
data/crash-7.2.8/xendump.c:1973:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)vsnprintf(buf, BUFSIZE, fmt, ap);
data/crash-7.2.8/alpha.c:2619:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cxd")) != EOF) {
data/crash-7.2.8/arm.c:1647:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cm")) != -1) {
data/crash-7.2.8/arm64.c:3529:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cm")) != -1) {
data/crash-7.2.8/bpf.c:74:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "PMtTjsxdm:p:")) != EOF) {
data/crash-7.2.8/cmdline.c:211:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((path = getenv("PATH"))) {
data/crash-7.2.8/cmdline.c:385:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(env = getenv("CRASHPAGER")))
data/crash-7.2.8/configure.c:275:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "gsqnWwubdr:p:P:t:x:")) > 0) {
data/crash-7.2.8/configure.c:1288:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("SOURCE_DATE_EPOCH"))
data/crash-7.2.8/dev.c:115:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "dDpiVv:")) != EOF) {
data/crash-7.2.8/extensions.c:39:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "lu")) != EOF) {
data/crash-7.2.8/extensions.c:198:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("CRASH_EXTENSIONS")))
data/crash-7.2.8/extensions.c:302:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("CRASH_EXTENSIONS"))) {
data/crash-7.2.8/extensions.c:335:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("CRASH_EXTENSIONS"))) {
data/crash-7.2.8/extensions/dminfo.c:1282:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "b:dlqst")) != EOF) {
data/crash-7.2.8/extensions/echo.c:57:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/extensions/snap.c:81:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "n")) != EOF) {
data/crash-7.2.8/extensions/trace.c:1692:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "smt")) != EOF) {
data/crash-7.2.8/extensions/trace.c:1769:50: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *trace_cmd = "trace-cmd", *env_trace_cmd = getenv("TRACE_CMD");
data/crash-7.2.8/filesys.c:1243:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "ifn:")) != EOF) {
data/crash-7.2.8/filesys.c:2268:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "d:R:p:c")) != EOF) {
data/crash-7.2.8/filesys.c:3391:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/help.c:536:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args,
data/crash-7.2.8/ia64.c:2319:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cmxd")) != EOF) {
data/crash-7.2.8/ipcs.c:248:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "smMqn:")) != EOF) {
data/crash-7.2.8/kernel.c:1859:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "dxhulsrfUb:B:")) != EOF) {
data/crash-7.2.8/kernel.c:2478:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "D:fFI:S:c:aAloreEgstTdxR:Ovp")) != EOF) {
data/crash-7.2.8/kernel.c:3946:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "Rd:Ds:Sot")) != EOF) {
data/crash-7.2.8/kernel.c:4726:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!retbuf && (env = getenv("CRASH_MODULE_PATH"))) {
data/crash-7.2.8/kernel.c:4786:18: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
(namelist = realpath(pc->namelist_orig ?
data/crash-7.2.8/kernel.c:4915:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "tdma")) != EOF) {
data/crash-7.2.8/kernel.c:5307:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "ctip:")) != EOF) {
data/crash-7.2.8/kernel.c:6261:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "dbuasc:")) != EOF) {
data/crash-7.2.8/kernel.c:7478:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "rC:")) != EOF) {
data/crash-7.2.8/kvmdump.c:874:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "af")) != EOF) {
data/crash-7.2.8/main.c:91:13: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt_long(argc, argv, "Lkgh::e:i:sSvc:d:tfp:m:xo:",
data/crash-7.2.8/main.c:1172:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p1 = getenv("EDITOR"))) {
data/crash-7.2.8/main.c:1189:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p1 = getenv("HOME"))) {
data/crash-7.2.8/main.c:1559:43: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
fprintf(fp, "SCROLL_CRASHPAGER (%s)\n", getenv("CRASHPAGER"));
data/crash-7.2.8/memory.c:78:8: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ulong random;
data/crash-7.2.8/memory.c:1231:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "Raxme:r:pfudDusSNo:81:3:6:")) != EOF) {
data/crash-7.2.8/memory.c:1878:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "fukp81:3:6:")) != EOF) {
data/crash-7.2.8/memory.c:3061:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "ukc:")) != EOF) {
data/crash-7.2.8/memory.c:3308:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/memory.c:3447:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "f:pmvR:P:xdM:")) != EOF) {
data/crash-7.2.8/memory.c:4826:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "gI:sSrFfm:pvczCinl:L:PVoh")) != EOF) {
data/crash-7.2.8/memory.c:14074:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "Ttl:ukKVps:e:v:m:hwcx:")) != EOF) {
data/crash-7.2.8/memory.c:15529:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/memory.c:15994:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/memory.c:19230:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (si->random)
data/crash-7.2.8/memory.c:19232:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return (ptr ^ si->random ^ ptr_addr);
data/crash-7.2.8/mips.c:95:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/net.c:350:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, NETOPTS)) != EOF) {
data/crash-7.2.8/ppc.c:1777:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/ppc64.c:2986:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cmo")) != EOF) {
data/crash-7.2.8/remote.c:82:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "vd:")) > 0) {
data/crash-7.2.8/s390.c:1038:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cm")) != EOF) {
data/crash-7.2.8/s390dbf.c:1478:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "vs")) != EOF) {
data/crash-7.2.8/s390x.c:1885:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cm")) != EOF) {
data/crash-7.2.8/sparc64.c:142:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cdmx")) != EOF) {
data/crash-7.2.8/symbols.c:3723:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(tmpdir = getenv("TMPDIR")))
data/crash-7.2.8/symbols.c:4066:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "lLQ:q:npsMm:")) != EOF) {
data/crash-7.2.8/symbols.c:6346:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "pxdhfuc:rvol:")) != EOF) {
data/crash-7.2.8/symbols.c:7047:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "om:r:")) != EOF) {
data/crash-7.2.8/symbols.c:7248:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "dhxu")) != EOF) {
data/crash-7.2.8/symbols.c:13187:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((path = getenv("PATH"))) {
data/crash-7.2.8/task.c:3223:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "xdhR:")) != EOF) {
data/crash-7.2.8/task.c:3462:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "ASgstcpkuGlmarC:y:")) != EOF) {
data/crash-7.2.8/task.c:6383:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "R:vomlgersStTpukcfFxhdaGy:")) != EOF) {
data/crash-7.2.8/task.c:8754:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "dtTgmc:")) != EOF) {
data/crash-7.2.8/task.c:10520:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "lR:s:g")) != EOF) {
data/crash-7.2.8/test.c:37:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argcnt, args, "",
data/crash-7.2.8/test.c:82:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/tools.c:1842:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "pvc:a:")) != EOF) {
data/crash-7.2.8/tools.c:2143:40: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
fprintf(fp, "(CRASHPAGER: %s)\n", getenv("CRASHPAGER"));
data/crash-7.2.8/tools.c:2621:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
fprintf(fp, "(CRASHPAGER: %s)\n", getenv("CRASHPAGER"));
data/crash-7.2.8/tools.c:3351:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "BHhrs:S:e:o:xdl:")) != EOF) {
data/crash-7.2.8/tools.c:4296:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "xdt:r:o:s:S:plN")) != EOF) {
data/crash-7.2.8/x86.c:4305:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cmxd")) != EOF) {
data/crash-7.2.8/x86_64.c:5595:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "cmxd")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:95:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:171:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:359:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "rt")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:570:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:653:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "rt")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:788:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "v")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:925:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "c")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:1068:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "i")) != EOF) {
data/crash-7.2.8/xen_hyper_command.c:1157:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args, "i")) != EOF) {
data/crash-7.2.8/xen_hyper_dump_tables.c:55:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argcnt, args,
data/crash-7.2.8/alpha.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:226:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req->buf, "backtrace");
data/crash-7.2.8/alpha.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:697:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/alpha.c:923:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regs[30][30];
data/crash-7.2.8/alpha.c:934:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:952:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/alpha.c:953:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/alpha.c:963:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r0_], " V0/R0: %016lx", value);
data/crash-7.2.8/alpha.c:967:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r1_], " T0/R1: %016lx", value);
data/crash-7.2.8/alpha.c:971:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r2_], " T1/R2: %016lx", value);
data/crash-7.2.8/alpha.c:975:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r3_], " T2/R3: %016lx", value);
data/crash-7.2.8/alpha.c:979:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r4_], " T3/R4: %016lx", value);
data/crash-7.2.8/alpha.c:983:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r5_], " T4/R5: %016lx", value);
data/crash-7.2.8/alpha.c:987:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r6_], " T5/R6: %016lx", value);
data/crash-7.2.8/alpha.c:991:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r7_], " T6/R7: %016lx", value);
data/crash-7.2.8/alpha.c:995:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r8_], " T7/R8: %016lx", value);
data/crash-7.2.8/alpha.c:999:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r19_], " A3/R19: %016lx", value);
data/crash-7.2.8/alpha.c:1003:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r20_], " A4/R20: %016lx", value);
data/crash-7.2.8/alpha.c:1007:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r21_], " A5/R21: %016lx", value);
data/crash-7.2.8/alpha.c:1011:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r22_], " T8/R22: %016lx", value);
data/crash-7.2.8/alpha.c:1015:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r23_], " T9/R23: %016lx", value);
data/crash-7.2.8/alpha.c:1019:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r24_], "T10/R24: %016lx", value);
data/crash-7.2.8/alpha.c:1023:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r25_], "T11/R25: %016lx", value);
data/crash-7.2.8/alpha.c:1027:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r26_], " RA/R26: %016lx", value);
data/crash-7.2.8/alpha.c:1031:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r27_], "T12/R27: %016lx", value);
data/crash-7.2.8/alpha.c:1035:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r28_], " AT/R28: %016lx", value);
data/crash-7.2.8/alpha.c:1039:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_hae_], " HAE: %016lx", value);
data/crash-7.2.8/alpha.c:1043:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_trap_a0_], "TRAP_A0: %016lx",
data/crash-7.2.8/alpha.c:1048:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_trap_a1_], "TRAP_A1: %016lx",
data/crash-7.2.8/alpha.c:1053:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_trap_a2_], "TRAP_A2: %016lx",
data/crash-7.2.8/alpha.c:1058:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_ps_], " PS: %016lx", value);
data/crash-7.2.8/alpha.c:1062:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_pc_], " PC: %016lx", value);
data/crash-7.2.8/alpha.c:1066:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_gp_], " GP/R29: %016lx", value);
data/crash-7.2.8/alpha.c:1070:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r16_], " A0/R16: %016lx", value);
data/crash-7.2.8/alpha.c:1074:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r17_], " A1/R17: %016lx", value);
data/crash-7.2.8/alpha.c:1078:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(eframe.regs[_r18_], " A2/R18: %016lx", value);
data/crash-7.2.8/alpha.c:1237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[BUFSIZE];
data/crash-7.2.8/alpha.c:1238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:1239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor1[BUFSIZE];
data/crash-7.2.8/alpha.c:1240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor2[BUFSIZE];
data/crash-7.2.8/alpha.c:1387:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(addr, "0x%lx", req->addr);
data/crash-7.2.8/alpha.c:1389:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
req->fp = pc->tmpfile;
data/crash-7.2.8/alpha.c:1391:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/alpha.c:1392:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/alpha.c:1401:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
pc->tmpfile);
data/crash-7.2.8/alpha.c:1454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:1461:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile)
data/crash-7.2.8/alpha.c:1576:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/alpha.c:1577:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/alpha.c:1961:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE], *p1;
data/crash-7.2.8/alpha.c:2039:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/alpha.c:2040:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/alpha.c:2043:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/alpha.c:2092:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/alpha.c:2094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:2124:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/alpha.c:2125:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/alpha.c:2270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:2467:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/alpha.c:2468:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/alpha.c:2469:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/alpha.c:2470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/alpha.c:2471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/alpha.c:2472:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/alpha.c:2483:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/alpha.c:2509:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%llx", paddr);
data/crash-7.2.8/alpha.c:2662:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:475:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/arm.c:476:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/arm.c:894:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/arm.c:895:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:902:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%llx", lpae_pte);
data/crash-7.2.8/arm.c:906:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/arm.c:925:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%llx", paddr);
data/crash-7.2.8/arm.c:971:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/crash-7.2.8/arm.c:1436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1510:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/arm.c:1570:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/arm.c:1573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/arm.c:1670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1739:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm.c:1744:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/arm64.c:152:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->pagesize = atoi(string);
data/crash-7.2.8/arm64.c:382:33: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->max_physmem_bits = atol(string);
data/crash-7.2.8/arm64.c:776:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/arm64.c:777:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:886:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:901:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((iomem = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/arm64.c:977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:1009:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((iomem = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/arm64.c:1069:32: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->section_size_bits = atol(string);
data/crash-7.2.8/arm64.c:1074:34: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->section_size_bits = atol(string);
data/crash-7.2.8/arm64.c:1919:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:1980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:2032:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:2079:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:2801:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/arm64.c:2802:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/arm64.c:3001:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:3137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:3292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/arm64.c:3293:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/arm64.c:3294:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/arm64.c:3295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/arm64.c:3296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/arm64.c:3297:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/arm64.c:3308:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/arm64.c:3333:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%lx", paddr);
data/crash-7.2.8/arm64.c:3457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/arm64.c:3458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/arm64.c:3461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/arm64.c:3553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/arm64.c:3855:11: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atol(string);
data/crash-7.2.8/arm64.c:3976:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atol(string);
data/crash-7.2.8/bpf.c:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog_hdr1[81];
data/crash-7.2.8/bpf.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_hdr1[81];
data/crash-7.2.8/bpf.c:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/bpf.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/bpf.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/bpf.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/bpf.c:214:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(bpf->prog_hdr1, " TAG USED_MAPS");
data/crash-7.2.8/bpf.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/bpf.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/bpf.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/bpf.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/bpf.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/bpf.c:339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE/2];
data/crash-7.2.8/bpf.c:469:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/%di 0x%lx", jited_len, bpf_func);
data/crash-7.2.8/bpf.c:471:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:472:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:632:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/bpf.c:633:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/bpf.c:639:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:640:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:662:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:663:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/bpf.c:687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/bpf.c:693:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:694:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:698:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(arglist[2]) == type) {
data/crash-7.2.8/bpf.c:716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/bpf.c:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/bpf.c:723:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:724:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:728:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(arglist[2]) == map_type) {
data/crash-7.2.8/bpf.c:777:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%02x", (unsigned char)tag[i]);
data/crash-7.2.8/bpf.c:785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/bpf.c:787:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "(unknown)");
data/crash-7.2.8/bpf.c:790:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "p (*(struct bpf_prog *)0x%lx).gpl_compatible", bpf_prog);
data/crash-7.2.8/bpf.c:792:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/bpf.c:793:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/bpf.c:795:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "yes");
data/crash-7.2.8/bpf.c:798:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "no");
data/crash-7.2.8/bpf.c:1051:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *const bpf_class_string[8] = {
data/crash-7.2.8/bpf.c:1062:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *const bpf_alu_string[16] = {
data/crash-7.2.8/bpf.c:1086:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const bpf_jmp_string[16] = {
data/crash-7.2.8/bpf.c:1114:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "map[id:%ld]",
data/crash-7.2.8/bpf.c:1117:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buff[strlen(buff)], " (%lx)",
data/crash-7.2.8/bpf.c:1131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char func_id_str[BUFSIZE];
data/crash-7.2.8/bpf.c:1251:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/crash-7.2.8/bpf.c:1268:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/crash-7.2.8/bpf.c:1276:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp, "unknown");
data/crash-7.2.8/bpf.c:1332:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/cmdline.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[BUFSIZE];
data/crash-7.2.8/cmdline.c:297:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = atoi(p);
data/crash-7.2.8/cmdline.c:360:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *less_argv[5] = {
data/crash-7.2.8/cmdline.c:368:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *more_argv[2] = {
data/crash-7.2.8/cmdline.c:380:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/cmdline.c:599:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen(p, append ? "a+" : "w+")) == NULL) {
data/crash-7.2.8/cmdline.c:810:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/cmdline.c:811:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/cmdline.c:812:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor[BUFSIZE+2];
data/crash-7.2.8/cmdline.c:814:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/cmdline.c:833:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(stp = fopen(buf1, "r"))) {
data/crash-7.2.8/cmdline.c:841:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(p_pid) == getpid())) {
data/crash-7.2.8/cmdline.c:842:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->pipe_shell_pid = atoi(pid);
data/crash-7.2.8/cmdline.c:847:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((atoi(p_pid) == getpid()) ||
data/crash-7.2.8/cmdline.c:848:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(p_pid) == pc->pipe_shell_pid)
data/crash-7.2.8/cmdline.c:849:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
|| (atoi(pgrp) == getpid()))) {
data/crash-7.2.8/cmdline.c:850:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->pipe_pid = atoi(pid);
data/crash-7.2.8/cmdline.c:890:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->pipe_pid = atoi(arglist[1]);
data/crash-7.2.8/cmdline.c:929:45: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (isatty(fileno(stdin)) && ((fd = open("/dev/tty", O_RDONLY)) >= 0)) {
data/crash-7.2.8/cmdline.c:1064:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sigbuf[20];
data/crash-7.2.8/cmdline.c:1069:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sigbuf, "SIGINT-%d", pc->sigint_cnt+1);
data/crash-7.2.8/cmdline.c:1076:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sigbuf, "%d", sig);
data/crash-7.2.8/cmdline.c:1167:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile)
data/crash-7.2.8/cmdline.c:1177:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/tty", O_RDONLY)) < 0) {
data/crash-7.2.8/cmdline.c:1269:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/tty", O_RDONLY)) < 0) {
data/crash-7.2.8/cmdline.c:1320:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char interp[2];
data/crash-7.2.8/cmdline.c:1323:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(s, O_RDONLY)) < 0)
data/crash-7.2.8/cmdline.c:1365:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:1409:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->ifile = fopen(file, "r")) == NULL) {
data/crash-7.2.8/cmdline.c:1513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:1522:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias man help");
data/crash-7.2.8/cmdline.c:1526:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias ? help");
data/crash-7.2.8/cmdline.c:1530:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias quit q");
data/crash-7.2.8/cmdline.c:1534:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias sf set scroll off");
data/crash-7.2.8/cmdline.c:1538:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias sn set scroll on");
data/crash-7.2.8/cmdline.c:1542:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias hex set radix 16");
data/crash-7.2.8/cmdline.c:1546:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias dec set radix 10");
data/crash-7.2.8/cmdline.c:1550:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias g gdb");
data/crash-7.2.8/cmdline.c:1554:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias px p -x");
data/crash-7.2.8/cmdline.c:1558:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias pd p -d");
data/crash-7.2.8/cmdline.c:1562:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias for foreach");
data/crash-7.2.8/cmdline.c:1566:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias size *");
data/crash-7.2.8/cmdline.c:1570:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias dmesg log");
data/crash-7.2.8/cmdline.c:1574:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias lsmod mod");
data/crash-7.2.8/cmdline.c:1591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/cmdline.c:1592:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/cmdline.c:1730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:1772:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "runtime");
data/crash-7.2.8/cmdline.c:1781:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "builtin");
data/crash-7.2.8/cmdline.c:1972:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:1973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufsave[BUFSIZE];
data/crash-7.2.8/cmdline.c:2092:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:2093:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/cmdline.c:2100:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/usr/bin/tty");
data/crash-7.2.8/cmdline.c:2114:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ps -ef | grep ' %d '", getpid());
data/crash-7.2.8/cmdline.c:2124:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((argc >= 8) && (atoi(arglist[1]) == getpid())) {
data/crash-7.2.8/cmdline.c:2281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:2331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:2490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:2520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/cmdline.c:2523:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *aif_args[MAXARGS];
data/crash-7.2.8/cmdline.c:2524:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_args[MAXARGS];
data/crash-7.2.8/cmdline.c:2525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *orig_args[MAXARGS];
data/crash-7.2.8/cmdline.c:2526:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig_line[BUFSIZE];
data/crash-7.2.8/cmdline.c:2527:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *save_args[MAXARGS];
data/crash-7.2.8/cmdline.c:2528:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save_line[BUFSIZE];
data/crash-7.2.8/cmdline.c:2530:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->args_ifile = fopen(aif->fileptr, "r")) == NULL)
data/crash-7.2.8/configure.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program[MAXSTRLEN];
data/crash-7.2.8/configure.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gdb_version[MAXSTRLEN];
data/crash-7.2.8/configure.c:262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[MAXSTRLEN];
data/crash-7.2.8/configure.c:349:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512];
data/crash-7.2.8/configure.c:526:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("Makefile", "r")) == NULL) {
data/crash-7.2.8/configure.c:549:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(".rh_rpm_package", "r")) == NULL) {
data/crash-7.2.8/configure.c:572:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("defs.h", "r")) == NULL) {
data/crash-7.2.8/configure.c:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:799:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:800:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gdb_files[MAXSTRLEN];
data/crash-7.2.8/configure.c:849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/crash-7.2.8/configure.c:896:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(".rh_rpm_package", "w")) == NULL) {
data/crash-7.2.8/configure.c:911:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:982:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:1055:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*fp1 = fopen("Makefile", "r")) == NULL) {
data/crash-7.2.8/configure.c:1062:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*fp2 = fopen("Makefile.new", "w+")) == NULL) {
data/crash-7.2.8/configure.c:1186:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXSTRLEN];
data/crash-7.2.8/configure.c:1256:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[MAXSTRLEN];
data/crash-7.2.8/configure.c:1257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char progname[MAXSTRLEN];
data/crash-7.2.8/configure.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf1[MAXSTRLEN];
data/crash-7.2.8/configure.c:1259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf2[MAXSTRLEN];
data/crash-7.2.8/configure.c:1260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf3[MAXSTRLEN];
data/crash-7.2.8/configure.c:1269:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp4 = fopen("build_data.c", "w")) == NULL) {
data/crash-7.2.8/configure.c:1317:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:1437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[512];
data/crash-7.2.8/configure.c:1438:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:1447:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(".gdb", "r")) == NULL) {
data/crash-7.2.8/configure.c:1521:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crash_target[512];
data/crash-7.2.8/configure.c:1522:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:1541:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(crash_target, "r")) == NULL) {
data/crash-7.2.8/configure.c:1665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[512];
data/crash-7.2.8/configure.c:1666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/crash-7.2.8/configure.c:1671:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL) {
data/crash-7.2.8/configure.c:1722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[512];
data/crash-7.2.8/configure.c:1753:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_cflags = fopen("CFLAGS.extra", mode)) == NULL) {
data/crash-7.2.8/configure.c:1759:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp_ldflags = fopen("LDFLAGS.extra", mode)) == NULL) {
data/crash-7.2.8/defs.h:172:27: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define BCOPY(S, D, C) (memcpy(D, S, C))
data/crash-7.2.8/defs.h:438:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[BUFSIZE]; /* possibly parsed input command line */
data/crash-7.2.8/defs.h:439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig_line[BUFSIZE]; /* original input line */
data/crash-7.2.8/defs.h:441:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_tty[10]; /* real tty name (shown by ps -ef) */
data/crash-7.2.8/defs.h:456:8: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *tmpfile; /* tmpfile for selective data output */
data/crash-7.2.8/defs.h:471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pipe_command[BUFSIZE]; /* pipe command line */
data/crash-7.2.8/defs.h:603:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysname[65];
data/crash-7.2.8/defs.h:604:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodename[65];
data/crash-7.2.8/defs.h:605:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[65];
data/crash-7.2.8/defs.h:606:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[65];
data/crash-7.2.8/defs.h:607:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char machine[65];
data/crash-7.2.8/defs.h:608:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domainname[65];
data/crash-7.2.8/defs.h:692:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_version[BUFSIZE];
data/crash-7.2.8/defs.h:805:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[TASK_COMM_LEN+1];
data/crash-7.2.8/defs.h:959:38: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define GET_STACK_DATA(OFF, LOC, SZ) memcpy((void *)(LOC), \
data/crash-7.2.8/defs.h:1030:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmdline_args[MAX_MACHDEP_ARGS];
data/crash-7.2.8/defs.h:1170:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *comm_array[MAX_FOREACH_COMMS];
data/crash-7.2.8/defs.h:2575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[MAXARGS];
data/crash-7.2.8/defs.h:2576:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argbuf[1];
data/crash-7.2.8/defs.h:2750:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_MOD_SEC_NAME];
data/crash-7.2.8/defs.h:2761:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mod_namelist[MAX_MOD_NAMELIST];
data/crash-7.2.8/defs.h:2762:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mod_name[MAX_MOD_NAME];
data/crash-7.2.8/defs.h:4770:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[MAX_PS_ARGS][TASK_COMM_LEN+1];
data/crash-7.2.8/defs.h:4801:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *args[MAXARGS];
data/crash-7.2.8/defs.h:5875:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *exception_stacks[MAX_EXCEPTION_STACKS];
data/crash-7.2.8/dev.c:155:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd_index = atoi(optarg);
data/crash-7.2.8/dev.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/dev.c:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:370:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/dev.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/dev.c:556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/dev.c:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/dev.c:860:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:909:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "(unknown)");
data/crash-7.2.8/dev.c:972:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:1001:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "(unknown)");
data/crash-7.2.8/dev.c:2334:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(id, "%x:%x", vendor, device);
data/crash-7.2.8/dev.c:2348:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(c, "%04x", class);
data/crash-7.2.8/dev.c:2385:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "ENDPOINT");
data/crash-7.2.8/dev.c:2387:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "LEG_END");
data/crash-7.2.8/dev.c:2389:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "ROOT_PORT");
data/crash-7.2.8/dev.c:2391:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "UPSTREAM");
data/crash-7.2.8/dev.c:2393:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "DOWNSTREAM");
data/crash-7.2.8/dev.c:2395:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "PCI_BRIDGE");
data/crash-7.2.8/dev.c:2397:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "PCIE_BRIDGE");
data/crash-7.2.8/dev.c:2399:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "RC_END");
data/crash-7.2.8/dev.c:2401:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufidx = sprintf(t, "RC_EC");
data/crash-7.2.8/dev.c:2405:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t + bufidx, " [BRIDGE]");
data/crash-7.2.8/dev.c:2414:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE], class[BUFSIZE], id[BUFSIZE], type[BUFSIZE];
data/crash-7.2.8/dev.c:2415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcidev_hdr[BUFSIZE];
data/crash-7.2.8/dev.c:2416:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:2417:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:2418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/dev.c:2419:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/dev.c:2420:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/dev.c:2494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcibus_hdr[BUFSIZE];
data/crash-7.2.8/dev.c:2495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:2496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:2545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/dev.c:2546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcirootbus_hdr[BUFSIZE];
data/crash-7.2.8/dev.c:2547:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:2548:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:2594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:2595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:2596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/dev.c:3511:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "[PCI_CLASS %x]", class);
data/crash-7.2.8/dev.c:3942:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "[PCI_VENDOR %x]", vendor);
data/crash-7.2.8/dev.c:3959:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "[PCI_DEVICE %x]", device);
data/crash-7.2.8/dev.c:4431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_name[BUFSIZE + 1];
data/crash-7.2.8/dev.c:4432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/dev.c:4433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:4434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:4435:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/dev.c:4436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/dev.c:4437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/dev.c:4493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/dev.c:4494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/dev.c:4495:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/dev.c:4496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/dev.c:4497:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/dev.c:4498:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/dev.c:4607:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpfp = fopen(dump_file, "w");
data/crash-7.2.8/dev.c:4631:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/diskdump.c:202:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, dd_list, sz*num_dd);
data/crash-7.2.8/diskdump.c:265:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/crash-7.2.8/diskdump.c:741:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dd->dumpable_bitmap, dd->bitmap + bitmap_len/2,
data/crash-7.2.8/diskdump.c:744:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dd->dumpable_bitmap, dd->bitmap, bitmap_len);
data/crash-7.2.8/diskdump.c:1230:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dd->page_cache_hdr[i].pg_bufptr,
data/crash-7.2.8/diskdump.c:1343:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufptr, dd->curbufptr + page_offset, cnt);
data/crash-7.2.8/diskdump.c:2204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[BUFSIZE];
data/crash-7.2.8/diskdump.c:2568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/diskdump.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[SIG_LEN]; /* = "DISKDUMP" */
data/crash-7.2.8/extensions.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions.c:193:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions.c:343:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirbuf, "/usr/lib64/crash/extensions");
data/crash-7.2.8/extensions.c:348:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirbuf, "/usr/lib/crash/extensions");
data/crash-7.2.8/extensions.c:352:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirbuf, "./extensions");
data/crash-7.2.8/extensions.c:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirbuf[BUFSIZE];
data/crash-7.2.8/extensions.c:366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[BUFSIZE*2];
data/crash-7.2.8/extensions.c:411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:379:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devt[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:441:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:605:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "none");
data/crash-7.2.8/extensions/dminfo.c:666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], path_status;
data/crash-7.2.8/extensions/dminfo.c:680:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "none");
data/crash-7.2.8/extensions/dminfo.c:702:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "disabled");
data/crash-7.2.8/extensions/dminfo.c:706:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "active");
data/crash-7.2.8/extensions/dminfo.c:708:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "enabled");
data/crash-7.2.8/extensions/dminfo.c:795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *chainmode;
data/crash-7.2.8/extensions/dminfo.c:901:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig_name[BUFSIZE], cow_name[BUFSIZE], type;
data/crash-7.2.8/extensions/dminfo.c:1039:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:1102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:1134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:1192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/dminfo.c:1254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/extensions/snap.c:105:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((fd = open(args[optind], O_RDWR|O_CREAT, 0644)) < 0)
data/crash-7.2.8/extensions/snap.c:192:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pr_fname[16]; /* filename of executable */
data/crash-7.2.8/extensions/snap.c:193:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pr_psargs[ELF_PRARGSZ]; /* initial part of arg list */
data/crash-7.2.8/extensions/snap.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[72];
data/crash-7.2.8/extensions/snap.c:234:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[112];
data/crash-7.2.8/extensions/snap.c:262:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[112];
data/crash-7.2.8/extensions/snap.c:352:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[112];
data/crash-7.2.8/extensions/snap.c:375:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[112];
data/crash-7.2.8/extensions/snap.c:401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, name, note->n_namesz);
data/crash-7.2.8/extensions/snap.c:404:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, desc, note->n_descsz);
data/crash-7.2.8/extensions/snap.c:462:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(elf->e_ident, ELFMAG, SELFMAG);
data/crash-7.2.8/extensions/snap.c:603:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prpsinfo.pr_fname, "vmlinux");
data/crash-7.2.8/extensions/snap.c:668:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1, *p2;
data/crash-7.2.8/extensions/snap.c:671:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((iomem = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/extensions/trace.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAME_MAX + 1];
data/crash-7.2.8/extensions/trace.c:627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/crash-7.2.8/extensions/trace.c:804:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:823:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_WRONLY | O_CREAT, 0644);
data/crash-7.2.8/extensions/trace.c:1067:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[128], field_type[128];
data/crash-7.2.8/extensions/trace.c:1295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[MIN_PAGE_SIZE], *ret_buf = NULL;
data/crash-7.2.8/extensions/trace.c:1312:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_buf + size, strbuf, cnt2);
data/crash-7.2.8/extensions/trace.c:1404:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128], system[128], *print_fmt;
data/crash-7.2.8/extensions/trace.c:1484:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format_path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1491:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(format_path, "w");
data/crash-7.2.8/extensions/trace.c:1562:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1594:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(path, "w");
data/crash-7.2.8/extensions/trace.c:1608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1614:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(path, "w");
data/crash-7.2.8/extensions/trace.c:1645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char instance_path[PATH_MAX];
data/crash-7.2.8/extensions/trace.c:1714:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(trace_dat, O_WRONLY | O_CREAT
data/crash-7.2.8/extensions/trace.c:1767:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/extensions/trace.c:1797:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tmp);
data/crash-7.2.8/extensions/trace.c:1973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/crash-7.2.8/extensions/trace.c:2225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[4096];
data/crash-7.2.8/filesys.c:90:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->nullfp = fopen("/dev/null", "w+")) == NULL)
data/crash-7.2.8/filesys.c:128:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->nfd = open(pc->namelist, O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:191:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->mfd = open("/dev/mem", O_RDWR)) < 0) {
data/crash-7.2.8/filesys.c:192:41: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->mfd = open("/dev/mem", O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:198:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->mfd = open("/proc/kcore", O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:245:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->dfd = open(pc->dumpfile, O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE], *p1, *p2;
data/crash-7.2.8/filesys.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirbuf[BUFSIZE];
data/crash-7.2.8/filesys.c:328:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *default_searchdirs[DEFAULT_SEARCHDIRS+1] = {
data/crash-7.2.8/filesys.c:492:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/lib/modules/");
data/crash-7.2.8/filesys.c:500:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "/build");
data/crash-7.2.8/filesys.c:513:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/usr/src/redhat/BUILD/kernel-");
data/crash-7.2.8/filesys.c:521:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "/linux");
data/crash-7.2.8/filesys.c:534:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/usr/src/redhat/BUILD/kernel-");
data/crash-7.2.8/filesys.c:542:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "/linux-");
data/crash-7.2.8/filesys.c:583:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel[BUFSIZE];
data/crash-7.2.8/filesys.c:584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE];
data/crash-7.2.8/filesys.c:683:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/filesys.c:684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mntfile[BUFSIZE];
data/crash-7.2.8/filesys.c:697:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mntfile, "/proc/mounts");
data/crash-7.2.8/filesys.c:699:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mntfile, "/etc/mtab");
data/crash-7.2.8/filesys.c:703:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((mp = fopen(mntfile, "r")) == NULL)
data/crash-7.2.8/filesys.c:717:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((mp = fopen(mntfile, "r")) == NULL)
data/crash-7.2.8/filesys.c:726:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((mount_points[i] = (char *)
data/crash-7.2.8/filesys.c:778:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((version = fopen("/proc/version", "r")) == NULL)
data/crash-7.2.8/filesys.c:802:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_map[BUFSIZE];
data/crash-7.2.8/filesys.c:828:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(system_map, "/boot/System.map");
data/crash-7.2.8/filesys.c:887:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE];
data/crash-7.2.8/filesys.c:946:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:967:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MIN_PAGE_SIZE];
data/crash-7.2.8/filesys.c:971:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:1013:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/filesys.c:1014:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:1076:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(filename, O_RDONLY)) < 0)
data/crash-7.2.8/filesys.c:1102:17: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile)
data/crash-7.2.8/filesys.c:1106:28: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((pc->tmp_fp = tmpfile()) == NULL)
data/crash-7.2.8/filesys.c:1110:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fflush(pc->tmpfile);
data/crash-7.2.8/filesys.c:1116:11: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fp = pc->tmpfile;
data/crash-7.2.8/filesys.c:1122:17: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile)
data/crash-7.2.8/filesys.c:1125:28: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((pc->tmpfile = tmpfile()) == NULL) {
data/crash-7.2.8/filesys.c:1129:26: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fp = pc->tmpfile;
data/crash-7.2.8/filesys.c:1144:10: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile) {
data/crash-7.2.8/filesys.c:1145:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fflush(pc->tmpfile);
data/crash-7.2.8/filesys.c:1146:30: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
ret = ftruncate(fileno(pc->tmpfile), 0);
data/crash-7.2.8/filesys.c:1147:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/filesys.c:1157:17: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (pc->tmpfile) {
data/crash-7.2.8/filesys.c:1159:28: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fclose(pc->tmpfile);
data/crash-7.2.8/filesys.c:1182:29: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((pc->tmpfile2 = tmpfile()) == NULL)
data/crash-7.2.8/filesys.c:1220:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mount_hdr[BUFSIZE] = { 0 };
data/crash-7.2.8/filesys.c:1230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:1231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:1232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS*2];
data/crash-7.2.8/filesys.c:1305:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/filesys.c:1308:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/filesys.c:1355:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fp = pc->tmpfile;
data/crash-7.2.8/filesys.c:1375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE*2];
data/crash-7.2.8/filesys.c:1376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:1377:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/filesys.c:1378:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE/2];
data/crash-7.2.8/filesys.c:1387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mount_files_header[BUFSIZE];
data/crash-7.2.8/filesys.c:1506:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf3, "unknown ");
data/crash-7.2.8/filesys.c:1676:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[BUFSIZE];
data/crash-7.2.8/filesys.c:1677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:1678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:1679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/filesys.c:2190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[BUFSIZE];
data/crash-7.2.8/filesys.c:2191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:2192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:2409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_pathname[BUFSIZE];
data/crash-7.2.8/filesys.c:2410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd_pathname[BUFSIZE];
data/crash-7.2.8/filesys.c:2411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char files_header[BUFSIZE];
data/crash-7.2.8/filesys.c:2412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:2413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:2414:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/filesys.c:2415:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/filesys.c:2416:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_pwd[BUFSIZE*4];
data/crash-7.2.8/filesys.c:2665:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/filesys.c:2667:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
pc->tmpfile);
data/crash-7.2.8/filesys.c:2707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:2708:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/filesys.c:2753:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nlm_files_header[BUFSIZE] = { 0 };
data/crash-7.2.8/filesys.c:2768:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:2769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:2872:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[BUFSIZE];
data/crash-7.2.8/filesys.c:2874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:2875:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/filesys.c:2876:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/filesys.c:3070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3071:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[BUFSIZE];
data/crash-7.2.8/filesys.c:3384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char task_buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3386:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uses[20];
data/crash-7.2.8/filesys.c:3387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fuser_header[BUFSIZE];
data/crash-7.2.8/filesys.c:3427:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/filesys.c:3429:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/filesys.c:3449:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uses, "root ");
data/crash-7.2.8/filesys.c:3454:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uses, "cwd ");
data/crash-7.2.8/filesys.c:3457:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uses, "cwd ");
data/crash-7.2.8/filesys.c:3478:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uses, "fd ");
data/crash-7.2.8/filesys.c:3482:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uses, "mmap ");
data/crash-7.2.8/filesys.c:3507:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid[10];
data/crash-7.2.8/filesys.c:3508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char task[20];
data/crash-7.2.8/filesys.c:3509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[20];
data/crash-7.2.8/filesys.c:3558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3559:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/filesys.c:3567:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((mp = fopen("/proc/meminfo", "r")) == NULL)
data/crash-7.2.8/filesys.c:3578:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freeswap = (atol(arglist[1]) * 1024)/PAGESIZE();
data/crash-7.2.8/filesys.c:3585:44: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freemem = (atol(arglist[1]) * 1024)/PAGESIZE();
data/crash-7.2.8/filesys.c:3592:45: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
memtotal = (atol(arglist[1]) * 1024)/PAGESIZE();
data/crash-7.2.8/filesys.c:3599:45: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
swaptotal = (atol(arglist[1]) * 1024)/PAGESIZE();
data/crash-7.2.8/filesys.c:3650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modname1[BUFSIZE/2];
data/crash-7.2.8/filesys.c:3652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modname2[BUFSIZE/2];
data/crash-7.2.8/filesys.c:3707:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, ".xz");
data/crash-7.2.8/filesys.c:3758:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/filesys.c:3759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3761:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((modules = fopen("/proc/modules", "r")) == NULL) {
data/crash-7.2.8/filesys.c:3780:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*count = atoi(arglist[2]);
data/crash-7.2.8/filesys.c:3797:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/filesys.c:3829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/filesys.c:3830:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/filesys.c:3838:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((misc = fopen("/proc/misc", "r")) == NULL) {
data/crash-7.2.8/filesys.c:3845:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
minor = atoi(arglist[0]);
data/crash-7.2.8/filesys.c:3953:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->mfd = open(pc->memory_device, O_RDONLY)) < 0) {
data/crash-7.2.8/filesys.c:3969:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/filesys.c:4292:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(filename, O_RDONLY)) < 0) {
data/crash-7.2.8/filesys.c:4305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/filesys.c:4355:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/filesys.c:4356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/gdb_interface.c:261:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req->buf, "print sysfs_mount, init_mm.mmap");
data/crash-7.2.8/gdb_interface.c:263:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req->buf, "print init_mm.mmap");
data/crash-7.2.8/gdb_interface.c:286:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req->buf, "set height 0");
data/crash-7.2.8/gdb_interface.c:291:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req->buf, "set width 0");
data/crash-7.2.8/gdb_interface.c:440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/gdb_interface.c:467:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (req->fp == pc->tmpfile)
data/crash-7.2.8/gdb_interface.c:542:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_PASS_THROUGH");
data/crash-7.2.8/gdb_interface.c:545:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_DATATYPE_INIT");
data/crash-7.2.8/gdb_interface.c:548:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_DISASSEMBLE");
data/crash-7.2.8/gdb_interface.c:551:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_GET_LINE_NUMBER");
data/crash-7.2.8/gdb_interface.c:558:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_GET_DATATYPE");
data/crash-7.2.8/gdb_interface.c:561:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_STACK_TRACE");
data/crash-7.2.8/gdb_interface.c:564:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_ALPHA_FRAME_OFFSET");
data/crash-7.2.8/gdb_interface.c:567:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_COMMAND_EXISTS");
data/crash-7.2.8/gdb_interface.c:570:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_FUNCTION_NUMARGS");
data/crash-7.2.8/gdb_interface.c:573:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_RESOLVE_TEXT_ADDR");
data/crash-7.2.8/gdb_interface.c:576:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_DEBUG_COMMAND");
data/crash-7.2.8/gdb_interface.c:579:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_ADD_SYMBOL_FILE");
data/crash-7.2.8/gdb_interface.c:582:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_DELETE_SYMBOL_FILE");
data/crash-7.2.8/gdb_interface.c:585:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_VERSION");
data/crash-7.2.8/gdb_interface.c:588:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_GET_SYMBOL_TYPE");
data/crash-7.2.8/gdb_interface.c:591:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_PATCH_SYMBOL_VALUES");
data/crash-7.2.8/gdb_interface.c:594:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_USER_PRINT_OPTION");
data/crash-7.2.8/gdb_interface.c:597:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_SET_CRASH_BLOCK");
data/crash-7.2.8/gdb_interface.c:600:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "GNU_GET_FUNCTION_RANGE");
data/crash-7.2.8/gdb_interface.c:606:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(?)\n");
data/crash-7.2.8/gdb_interface.c:779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/gdb_interface.c:826:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locbuf[SIZEOF_32BIT], *p1;
data/crash-7.2.8/gdb_interface.c:954:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/gdb_interface.c:955:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/gdb_interface.c:1012:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/global_data.c:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[MAXARGS]; /* argument array */
data/crash-7.2.8/help.c:7982:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/ia64.c:1247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:1248:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ia64.c:1249:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ia64.c:1250:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/ia64.c:1251:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/ia64.c:1252:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/ia64.c:1264:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/ia64.c:1290:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%lx", paddr);
data/crash-7.2.8/ia64.c:1427:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ia64.c:1428:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ia64.c:1432:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/ia64.c:1552:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p, *p1;
data/crash-7.2.8/ia64.c:1570:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/ia64.c:1573:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/ia64.c:1941:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/ia64.c:1952:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/ia64.c:1955:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/ia64.c:2364:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:3366:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:3391:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE], buf2[BUFSIZE], *p1, *p2;
data/crash-7.2.8/ia64.c:3416:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, " (");
data/crash-7.2.8/ia64.c:3420:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "[NAT]");
data/crash-7.2.8/ia64.c:3425:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%lx", arglist[i]);
data/crash-7.2.8/ia64.c:3431:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf1, ")\n");
data/crash-7.2.8/ia64.c:3510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/ia64.c:3861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ia64.c:3876:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((iomem = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/ibm_common.h:87:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char end_pad[0x1000-0x054]; /* 0x054 */
data/crash-7.2.8/ibm_common.h:98:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_string[8];
data/crash-7.2.8/ipcs.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *specified_value[MAXARGS];
data/crash-7.2.8/ipcs.c:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:351:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/ipcs.c:353:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf7[BUFSIZE];
data/crash-7.2.8/ipcs.c:425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:426:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:429:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:484:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/ipcs.c:714:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/ipcs.c:722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf7[BUFSIZE];
data/crash-7.2.8/ipcs.c:780:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:781:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:782:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:784:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:832:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:833:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf0[BUFSIZE];
data/crash-7.2.8/ipcs.c:834:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ipcs.c:835:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ipcs.c:836:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ipcs.c:837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/ipcs.c:838:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/ipcs.c:839:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/ipcs.c:882:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:941:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ipcs.c:986:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kaslr_helper.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[BUFSIZE], *ptr;
data/crash-7.2.8/kaslr_helper.c:161:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char e_ident[EI_NIDENT];
data/crash-7.2.8/kaslr_helper.c:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/crash-7.2.8/kernel.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p1, *p2, buf[BUFSIZE];
data/crash-7.2.8/kernel.c:272:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[0] = atoi(p1);
data/crash-7.2.8/kernel.c:278:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[1] = atoi(p1);
data/crash-7.2.8/kernel.c:285:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[2] = atoi(p1);
data/crash-7.2.8/kernel.c:414:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (kt->cpus_override && (c = atoi(kt->cpus_override))) {
data/crash-7.2.8/kernel.c:422:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->cpus_override && atoi(kt->cpus_override) ?
data/crash-7.2.8/kernel.c:823:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_symbol[32];
data/crash-7.2.8/kernel.c:846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_symbol[32];
data/crash-7.2.8/kernel.c:874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_symbol[32];
data/crash-7.2.8/kernel.c:1027:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:1030:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/kernel.c:1115:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->gcc_version[0] = atoi(arglist[0]);
data/crash-7.2.8/kernel.c:1116:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->gcc_version[1] = atoi(arglist[1]);
data/crash-7.2.8/kernel.c:1119:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->gcc_version[0] = atoi(arglist[0]);
data/crash-7.2.8/kernel.c:1120:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->gcc_version[1] = atoi(arglist[1]);
data/crash-7.2.8/kernel.c:1121:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->gcc_version[2] = atoi(arglist[2]);
data/crash-7.2.8/kernel.c:1151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:1161:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ptype spinlock_t");
data/crash-7.2.8/kernel.c:1284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/kernel.c:1285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE/2];
data/crash-7.2.8/kernel.c:1286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[BUFSIZE/2];
data/crash-7.2.8/kernel.c:1287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer3[BUFSIZE/2];
data/crash-7.2.8/kernel.c:1288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer4[BUFSIZE/2];
data/crash-7.2.8/kernel.c:1289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer5[BUFSIZE*2];
data/crash-7.2.8/kernel.c:1318:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer3, "(unknown)");
data/crash-7.2.8/kernel.c:1424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE*2];
data/crash-7.2.8/kernel.c:1425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:1455:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:1456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:1457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE*2];
data/crash-7.2.8/kernel.c:1458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[BUFSIZE];
data/crash-7.2.8/kernel.c:1459:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/kernel.c:1476:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "list *0x%lx", req->addr);
data/crash-7.2.8/kernel.c:1478:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR)) {
data/crash-7.2.8/kernel.c:1487:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:1488:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:1507:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line = atoi(p1+1);
data/crash-7.2.8/kernel.c:1536:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
last = atoi(argv[0]);
data/crash-7.2.8/kernel.c:1570:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:1571:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:1576:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line = atoi(argv[0]);
data/crash-7.2.8/kernel.c:1639:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:1763:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:1767:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:1769:44: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
tmpfile_offsets[index] = ftell(pc->tmpfile);
data/crash-7.2.8/kernel.c:1771:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:1779:52: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
tmpfile_offsets[index] = ftell(pc->tmpfile);
data/crash-7.2.8/kernel.c:1787:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (fseek(pc->tmpfile, tmpfile_offsets[index], SEEK_SET) < 0) {
data/crash-7.2.8/kernel.c:1789:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:1834:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:1835:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:1836:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:1837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:1838:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/kernel.c:1933:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->BUG_bytes = atoi(optarg);
data/crash-7.2.8/kernel.c:2004:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/%ldi 0x%lx",
data/crash-7.2.8/kernel.c:2015:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/%ldi 0x%lx",
data/crash-7.2.8/kernel.c:2062:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf5, "x/%ldi 0x%lx",
data/crash-7.2.8/kernel.c:2066:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf5, "x/%ldi 0x%lx",
data/crash-7.2.8/kernel.c:2082:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:2084:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf2, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:2126:37: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
ret = fgets(buf2, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/kernel.c:2172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:2173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:2174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/kernel.c:2240:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/%ldi 0x%lx", spn->value - sp->value, sp->value);
data/crash-7.2.8/kernel.c:2245:29: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR);
data/crash-7.2.8/kernel.c:2246:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:2247:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf2, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:2465:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg_buf[BUFSIZE];
data/crash-7.2.8/kernel.c:2870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:2871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:2953:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:3077:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/proc/%ld", bt->tc->pid);
data/crash-7.2.8/kernel.c:3305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/kernel.c:3746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:3879:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:4133:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(treebuf, ".debug");
data/crash-7.2.8/kernel.c:4151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:4152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:4253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:4254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:4407:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:4408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:4409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:4425:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", lm->mod_size);
data/crash-7.2.8/kernel.c:4598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:4599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[BUFSIZE];
data/crash-7.2.8/kernel.c:4600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[BUFSIZE];
data/crash-7.2.8/kernel.c:4832:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpref[BUFSIZE];
data/crash-7.2.8/kernel.c:5123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:5157:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "[%5lld.%06ld] ", nanos, rem/1000);
data/crash-7.2.8/kernel.c:5163:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "<%x>", level);
data/crash-7.2.8/kernel.c:5303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:5363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:5385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:5572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:5573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/kernel.c:5574:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/kernel.c:5600:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((argc >= 3) && (debug_kernel_version_string = (char *)
data/crash-7.2.8/kernel.c:5665:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d.%02d, %d.%02d, %d.%02d",
data/crash-7.2.8/kernel.c:5713:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE], *scp;
data/crash-7.2.8/kernel.c:5714:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE], *p;
data/crash-7.2.8/kernel.c:5715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:5716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/kernel.c:5802:28: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:5809:49: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:6254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[15];
data/crash-7.2.8/kernel.c:6255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg_buf[BUFSIZE];
data/crash-7.2.8/kernel.c:6376:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU%d", i);
data/crash-7.2.8/kernel.c:6537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:6538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:6539:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:6540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:7055:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7056:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:7130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:7131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7262:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7429:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7635:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:7636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:7637:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:7638:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:7639:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/kernel.c:7716:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lld", now);
data/crash-7.2.8/kernel.c:7728:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lld", now);
data/crash-7.2.8/kernel.c:7754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7776:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%lld", softexpires);
data/crash-7.2.8/kernel.c:7786:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%lld", getsoft ? expires - now : expires);
data/crash-7.2.8/kernel.c:7802:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:7803:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:7804:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:7805:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:7823:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lld-%lld", softexpires, expires);
data/crash-7.2.8/kernel.c:7828:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lld", softexpires);
data/crash-7.2.8/kernel.c:7833:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lld", expires);
data/crash-7.2.8/kernel.c:7913:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:7914:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:7915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:8034:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld", highest);
data/crash-7.2.8/kernel.c:8040:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ld", highest_tte);
data/crash-7.2.8/kernel.c:8055:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "timer_table[%ld]", td[i].address);
data/crash-7.2.8/kernel.c:8098:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:8099:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:8100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:8101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:8163:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", highest);
data/crash-7.2.8/kernel.c:8170:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ld", highest_tte);
data/crash-7.2.8/kernel.c:8231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:8232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:8233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:8234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:8326:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", highest);
data/crash-7.2.8/kernel.c:8333:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ld", highest_tte);
data/crash-7.2.8/kernel.c:8393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:8394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:8395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/kernel.c:8396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:8482:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", highest);
data/crash-7.2.8/kernel.c:8489:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ld", highest_tte);
data/crash-7.2.8/kernel.c:9003:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:9004:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:9005:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/kernel.c:9018:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", jiffies);
data/crash-7.2.8/kernel.c:9090:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ld", highest_tte);
data/crash-7.2.8/kernel.c:10260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/crash-7.2.8/kernel.c:10459:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_NR_CPUS = atoi(val);
data/crash-7.2.8/kernel.c:10471:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->hz = atoi(val);
data/crash-7.2.8/kernel.c:10608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/kernel.c:10656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/kernel.c:10674:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[0] = atoi(p1);
data/crash-7.2.8/kernel.c:10679:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[1] = atoi(p1);
data/crash-7.2.8/kernel.c:10684:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kt->kernel_version[2] = atoi(p1);
data/crash-7.2.8/kernel.c:10696:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->pagesize = atoi(string);
data/crash-7.2.8/kernel.c:11183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/kernel.c:11184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/kernel.c:11185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/kernel.c:11197:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:11198:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:11202:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(arglist[2]) >= array_len))
data/crash-7.2.8/kernel.c:11209:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/kernel.c:11210:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/kernel.c:11215:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((i = atoi(arglist[2])) >= array_len))
data/crash-7.2.8/kernel.c:11387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[BUFSIZE];
data/crash-7.2.8/kvmdump.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CHKSUM_SIZE];
data/crash-7.2.8/kvmdump.c:120:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((tmpfp = tmpfile()) == NULL)
data/crash-7.2.8/kvmdump.c:185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufptr, kvm->un.curbufptr + PAGEOFFSET(paddr), cnt);
data/crash-7.2.8/kvmdump.c:665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/kvmdump.c:678:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fdmem = open(filename, O_CREAT|O_RDWR, 0644)) < 0) {
data/crash-7.2.8/kvmdump.c:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/kvmdump.c:730:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fdcore = open(pc->dumpfile, O_WRONLY)) < 0)
data/crash-7.2.8/kvmdump.c:803:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(filename, O_RDONLY)) < 0) {
data/crash-7.2.8/lkcd_common.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[BUFSIZE];
data/crash-7.2.8/lkcd_common.c:171:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfd = open(s, O_RDONLY)) < 0) {
data/crash-7.2.8/lkcd_common.c:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/lkcd_common.c:536:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%llx@",
data/crash-7.2.8/lkcd_common.c:538:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/lkcd_common.c:727:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(zones, lkcd->zones,
data/crash-7.2.8/lkcd_common.c:1287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/lkcd_dump_v5.h:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_dump_v5.h:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_sysname[65];
data/crash-7.2.8/lkcd_dump_v5.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_nodename[65];
data/crash-7.2.8/lkcd_dump_v5.h:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_release[65];
data/crash-7.2.8/lkcd_dump_v5.h:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_version[65];
data/crash-7.2.8/lkcd_dump_v5.h:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_machine[65];
data/crash-7.2.8/lkcd_dump_v5.h:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_domainname[65];
data/crash-7.2.8/lkcd_dump_v7.h:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_dump_v7.h:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_sysname[65];
data/crash-7.2.8/lkcd_dump_v7.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_nodename[65];
data/crash-7.2.8/lkcd_dump_v7.h:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_release[65];
data/crash-7.2.8/lkcd_dump_v7.h:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_version[65];
data/crash-7.2.8/lkcd_dump_v7.h:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_machine[65];
data/crash-7.2.8/lkcd_dump_v7.h:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_domainname[65];
data/crash-7.2.8/lkcd_dump_v8.h:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_dump_v8.h:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_sysname[65];
data/crash-7.2.8/lkcd_dump_v8.h:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_nodename[65];
data/crash-7.2.8/lkcd_dump_v8.h:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_release[65];
data/crash-7.2.8/lkcd_dump_v8.h:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_version[65];
data/crash-7.2.8/lkcd_dump_v8.h:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_machine[65];
data/crash-7.2.8/lkcd_dump_v8.h:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_domainname[65];
data/crash-7.2.8/lkcd_fix_mem.h:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_fix_mem.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_sysname[65];
data/crash-7.2.8/lkcd_fix_mem.h:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_nodename[65];
data/crash-7.2.8/lkcd_fix_mem.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_release[65];
data/crash-7.2.8/lkcd_fix_mem.h:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_version[65];
data/crash-7.2.8/lkcd_fix_mem.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_machine[65];
data/crash-7.2.8/lkcd_fix_mem.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_utsname_domainname[65];
data/crash-7.2.8/lkcd_v7.c:41:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dumpfile_index_name[128];
data/crash-7.2.8/lkcd_v7.c:101:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
lkcd->dumpfile_index = strcat(dumpfile_index_name, ".index");
data/crash-7.2.8/lkcd_v7.c:102:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifd = open(lkcd->dumpfile_index, O_RDWR, 0644);
data/crash-7.2.8/lkcd_v7.c:106:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifd = open(lkcd->dumpfile_index, (O_RDWR | O_CREAT), 0644);
data/crash-7.2.8/lkcd_v8.c:150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr, (void *)hdr_buf, offset);
data/crash-7.2.8/lkcd_v8.c:153:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr.dha_smp_regs, (void *)&hdr_buf[offset],
data/crash-7.2.8/lkcd_v8.c:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr.dha_smp_current_task, (void *)&hdr_buf[offset],
data/crash-7.2.8/lkcd_v8.c:163:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr.dha_stack, (void *)&hdr_buf[offset],
data/crash-7.2.8/lkcd_v8.c:168:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr.dha_stack_ptr, (void *)&hdr_buf[offset],
data/crash-7.2.8/lkcd_v8.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&arch_hdr.dha_kernel_addr, (void *)&hdr_buf[offset], sizeof(uint64_t));
data/crash-7.2.8/lkcd_v8.c:185:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dump_header_asm_v8, &arch_hdr, sizeof(dump_header_asm_t));
data/crash-7.2.8/lkcd_v8.c:221:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dumpfile_index_name[128];
data/crash-7.2.8/lkcd_v8.c:292:25: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
lkcd->dumpfile_index = strcat(dumpfile_index_name, ".index");
data/crash-7.2.8/lkcd_v8.c:293:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifd = open(lkcd->dumpfile_index, O_RDWR, 0644);
data/crash-7.2.8/lkcd_v8.c:297:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifd = open(lkcd->dumpfile_index, (O_RDWR | O_CREAT), 0644);
data/crash-7.2.8/lkcd_vmdump_v1.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_vmdump_v2_v3.h:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dh_panic_string[DUMP_PANIC_LEN];
data/crash-7.2.8/lkcd_x86_trace.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/lkcd_x86_trace.c:301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/lkcd_x86_trace.c:313:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/2i 0x%x", ra - len);
data/crash-7.2.8/lkcd_x86_trace.c:2004:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/lkcd_x86_trace.c:2755:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/lkcd_x86_trace.c:2756:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/lkcd_x86_trace.c:2961:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char block[TEXT_BLOCK_SIZE];
data/crash-7.2.8/lkcd_x86_trace.c:4349:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char onebyte_has_modrm[256] = {
data/crash-7.2.8/lkcd_x86_trace.c:4368:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char twobyte_has_modrm[256] = {
data/crash-7.2.8/lkcd_x86_trace.c:4617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, *np, name_str[100];
data/crash-7.2.8/lkcd_x86_trace.h:106:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/crash-7.2.8/main.c:382:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->debug = atol(optarg);
data/crash-7.2.8/main.c:1022:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/main.c:1074:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/main.c:1075:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char homerc[BUFSIZE];
data/crash-7.2.8/main.c:1076:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localrc[BUFSIZE];
data/crash-7.2.8/main.c:1198:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((afp = fopen(homerc, "r")) == NULL)
data/crash-7.2.8/main.c:1214:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((afp = fopen(localrc, "r")) == NULL)
data/crash-7.2.8/main.c:1242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/main.c:1243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/main.c:1628:53: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fprintf(fp, " tmpfile: %lx\n", (ulong)pc->tmpfile);
data/crash-7.2.8/main.c:1871:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *untrusted_file_list[4] = { 0 };
data/crash-7.2.8/makedumpfile.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/makedumpfile.c:74:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/crash-7.2.8/makedumpfile.c:148:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "sorting flat format data: %lld%%", (ulonglong)pct);
data/crash-7.2.8/makedumpfile.c:215:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/crash-7.2.8/makedumpfile.c:375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1, *p2;
data/crash-7.2.8/makedumpfile.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[SIG_LEN_MDF]; /* = "makedumpfile" */
data/crash-7.2.8/memory.c:109:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *opt_string[MAXARGS];
data/crash-7.2.8/memory.c:116:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *opt_string[MAXARGS];
data/crash-7.2.8/memory.c:123:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *opt_string[MAXARGS];
data/crash-7.2.8/memory.c:129:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *value[MAXARGS];
data/crash-7.2.8/memory.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:355:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:1134:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%llx", (ulonglong)
data/crash-7.2.8/memory.c:1289:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpfp = fopen(outputfile, "w")) == NULL)
data/crash-7.2.8/memory.c:1503:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readtype[20];
data/crash-7.2.8/memory.c:1508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexchars[MAX_HEXCHARS_PER_LINE+1];
data/crash-7.2.8/memory.c:1511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE*2];
data/crash-7.2.8/memory.c:1512:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slab[BUFSIZE];
data/crash-7.2.8/memory.c:1608:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readtype, "ascii");
data/crash-7.2.8/memory.c:2035:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE*2];
data/crash-7.2.8/memory.c:2036:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slab[BUFSIZE];
data/crash-7.2.8/memory.c:2053:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "%08lx", value);
data/crash-7.2.8/memory.c:2055:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "%08lx", value);
data/crash-7.2.8/memory.c:2069:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "%016lx", value);
data/crash-7.2.8/memory.c:2071:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(retbuf, "%016lx", value);
data/crash-7.2.8/memory.c:2564:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->mfd = open("/proc/kcore", O_RDONLY)) < 0) {
data/crash-7.2.8/memory.c:2722:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char membuf[40];
data/crash-7.2.8/memory.c:2743:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(membuf, "0x%x (?)", memtype);
data/crash-7.2.8/memory.c:2745:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(membuf, "unknown");
data/crash-7.2.8/memory.c:2759:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ebuf[20];
data/crash-7.2.8/memory.c:2926:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->kfd = open("/dev/kmem", O_RDONLY)) < 0)
data/crash-7.2.8/memory.c:2957:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pc->dumpfile, O_RDONLY)) < 0)
data/crash-7.2.8/memory.c:2990:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pc->dumpfile, O_WRONLY)) < 0)
data/crash-7.2.8/memory.c:3150:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:3151:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:3302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:3303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:3338:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "[%d]", kt->cpus-1);
data/crash-7.2.8/memory.c:3350:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "[%d]", c);
data/crash-7.2.8/memory.c:3759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[BUFSIZE];
data/crash-7.2.8/memory.c:3813:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%ldk", (tm->rss * PAGESIZE())/1024); \
data/crash-7.2.8/memory.c:3814:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf5, "%ldk", (tm->total_vm * PAGESIZE())/1024); \
data/crash-7.2.8/memory.c:3866:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:3867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:3868:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:3869:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:3870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:3871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vma_header[BUFSIZE];
data/crash-7.2.8/memory.c:4099:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:4100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:4101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE*2];
data/crash-7.2.8/memory.c:4102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:4354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:4355:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *memberlist[MAXARGS];
data/crash-7.2.8/memory.c:4483:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer + bufferindex, "%lx ", pp);
data/crash-7.2.8/memory.c:4562:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4572:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer + bufferindex, " ");
data/crash-7.2.8/memory.c:4583:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer + bufferindex,
data/crash-7.2.8/memory.c:4813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:5255:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE]; /* safe for a page struct */
data/crash-7.2.8/memory.c:5394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[BUFSIZE];
data/crash-7.2.8/memory.c:5395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:5396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:5397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:5398:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:5409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style1[100];
data/crash-7.2.8/memory.c:5410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style2[100];
data/crash-7.2.8/memory.c:5411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style3[100];
data/crash-7.2.8/memory.c:5412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style4[100];
data/crash-7.2.8/memory.c:5766:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer+bufferindex, "%lx\n", flags);
data/crash-7.2.8/memory.c:5880:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[BUFSIZE];
data/crash-7.2.8/memory.c:5881:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:5882:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:5883:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:5884:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:5890:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style1[100];
data/crash-7.2.8/memory.c:5891:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style2[100];
data/crash-7.2.8/memory.c:5892:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style3[100];
data/crash-7.2.8/memory.c:5893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char style4[100];
data/crash-7.2.8/memory.c:6217:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
bufferindex += sprintf(outputbuffer+bufferindex, "%lx\n", flags);
data/crash-7.2.8/memory.c:6374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:6375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:6415:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", free);
data/crash-7.2.8/memory.c:6419:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", nr);
data/crash-7.2.8/memory.c:6444:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[BUFSIZE];
data/crash-7.2.8/memory.c:6534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:6535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:6548:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:6549:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:6556:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(arglist[2]);
data/crash-7.2.8/memory.c:6563:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!(nameptr = (char *)malloc(strlen(arglist[0])))) {
data/crash-7.2.8/memory.c:6569:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vt->pageflags_data[p].mask = 1 << atoi(arglist[2]);
data/crash-7.2.8/memory.c:6606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:6609:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%lx", flags);
data/crash-7.2.8/memory.c:6665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:6666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash_table[BUFSIZE];
data/crash-7.2.8/memory.c:6776:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:6778:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:6836:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:6837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_free[BUFSIZE];
data/crash-7.2.8/memory.c:6838:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_free_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:6920:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ldk", (chunk_size * PAGESIZE())/1024);
data/crash-7.2.8/memory.c:6955:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:6958:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:7050:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:7051:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area[BUFSIZE];
data/crash-7.2.8/memory.c:7052:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:7125:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "[%d][%d]", i, j);
data/crash-7.2.8/memory.c:7130:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ldk", (chunk_size * PAGESIZE())/1024);
data/crash-7.2.8/memory.c:7169:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:7172:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:7181:53: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7187:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chunk_size = atol(p+1) * 1024;
data/crash-7.2.8/memory.c:7263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/memory.c:7264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:7265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:7266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:7267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_node[BUFSIZE];
data/crash-7.2.8/memory.c:7268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_zone[BUFSIZE];
data/crash-7.2.8/memory.c:7269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area[BUFSIZE];
data/crash-7.2.8/memory.c:7270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:7440:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:7448:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:7456:32: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7461:32: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7467:53: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7473:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chunk_size = atol(p+1) * 1024;
data/crash-7.2.8/memory.c:7589:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/memory.c:7590:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:7591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:7592:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:7593:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_node[BUFSIZE];
data/crash-7.2.8/memory.c:7594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_zone[BUFSIZE];
data/crash-7.2.8/memory.c:7595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area[BUFSIZE];
data/crash-7.2.8/memory.c:7596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_area_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:7819:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:7827:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:7835:32: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7840:32: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7846:53: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = fgets(buf, BUFSIZE, pc->tmpfile);
data/crash-7.2.8/memory.c:7852:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chunk_size = atol(p+1) * 1024;
data/crash-7.2.8/memory.c:7929:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[BUFSIZE];
data/crash-7.2.8/memory.c:7930:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:7931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:7932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:7987:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(namebuf, "(unknown)");
data/crash-7.2.8/memory.c:7989:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%ld/%ld/%ld",
data/crash-7.2.8/memory.c:8022:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:8072:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ldk", (chunk_size * PAGESIZE())/1024);
data/crash-7.2.8/memory.c:8137:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ldk", (chunk_size * PAGESIZE())/1024);
data/crash-7.2.8/memory.c:8236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:8624:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:8625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:8626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:8751:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:8752:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:8753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:8754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:8902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:9074:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown) ");
data/crash-7.2.8/memory.c:9193:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(kbuf, "(unknown)");
data/crash-7.2.8/memory.c:9222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:9270:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:9439:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slab_hdr[100] = { 0 };
data/crash-7.2.8/memory.c:9440:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kmem_cache_hdr[100] = { 0 };
data/crash-7.2.8/memory.c:9441:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char free_inuse_hdr[100] = { 0 };
data/crash-7.2.8/memory.c:9480:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(free_inuse_hdr, "FREE / [ALLOCATED]\n");
data/crash-7.2.8/memory.c:10010:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:10011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:10069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[BUFSIZE];
data/crash-7.2.8/memory.c:10098:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[BUFSIZE], b2[BUFSIZE]; \
data/crash-7.2.8/memory.c:10122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:10123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[BUFSIZE];
data/crash-7.2.8/memory.c:10187:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:10327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:10328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[BUFSIZE];
data/crash-7.2.8/memory.c:10396:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:10547:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:10548:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[BUFSIZE];
data/crash-7.2.8/memory.c:10640:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:11149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slab_s_buf[BUFSIZE];
data/crash-7.2.8/memory.c:11946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slab_buf[BUFSIZE];
data/crash-7.2.8/memory.c:13273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:13914:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld MB", mbs);
data/crash-7.2.8/memory.c:14572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:14798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hit[BUFSIZE]; /* array of hit locations in the crossing match zone */
data/crash-7.2.8/memory.c:15566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:15567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:15568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:15569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:15570:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:15571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:15671:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:15713:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%lx", (vt->flags & SWAPINFO_V2) ?
data/crash-7.2.8/memory.c:15715:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%ldk", pages);
data/crash-7.2.8/memory.c:15716:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf3, "%ldk", usedswap);
data/crash-7.2.8/memory.c:15717:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf4, "%2ld%%", pct);
data/crash-7.2.8/memory.c:15718:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf5, "%d", prio);
data/crash-7.2.8/memory.c:15780:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char swapdev[BUFSIZE];
data/crash-7.2.8/memory.c:15809:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:15837:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown swap location)");
data/crash-7.2.8/memory.c:15927:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[BUFSIZE];
data/crash-7.2.8/memory.c:16039:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:16040:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:16041:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:16042:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:16043:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:16281:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "(unknown) ");
data/crash-7.2.8/memory.c:16451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:16481:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "(unknown) ");
data/crash-7.2.8/memory.c:17286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statebuf[BUFSIZE];
data/crash-7.2.8/memory.c:17287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:17288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:17289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:17290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:17291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:17407:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:17408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:17426:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(srange, "%lu", start_sec);
data/crash-7.2.8/memory.c:17434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statebuf[BUFSIZE];
data/crash-7.2.8/memory.c:17435:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srangebuf[BUFSIZE];
data/crash-7.2.8/memory.c:17436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parangebuf[BUFSIZE];
data/crash-7.2.8/memory.c:17437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/memory.c:17438:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:17439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:17440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:17441:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/memory.c:17442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf7[BUFSIZE];
data/crash-7.2.8/memory.c:17550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:17551:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char paddr_hdr[BUFSIZE];
data/crash-7.2.8/memory.c:17552:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:17553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:17554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/memory.c:17555:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/memory.c:17556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf5[BUFSIZE];
data/crash-7.2.8/memory.c:17557:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf6[BUFSIZE];
data/crash-7.2.8/memory.c:17723:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:17741:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "whatis node_data");
data/crash-7.2.8/memory.c:17746:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:17747:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:17776:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "whatis pgdat_list");
data/crash-7.2.8/memory.c:17781:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:17782:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:17815:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:17816:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:17897:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:17898:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:17911:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MAX(atoi(arglist[2]), count);
data/crash-7.2.8/memory.c:17934:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:17935:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:18095:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:18112:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ptype struct page_state");
data/crash-7.2.8/memory.c:18120:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fflush(pc->tmpfile);
data/crash-7.2.8/memory.c:18121:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fd = fileno(pc->tmpfile);
data/crash-7.2.8/memory.c:18126:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18127:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18137:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18139:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18162:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18163:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:18250:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:18275:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18276:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18297:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18298:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18332:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:18337:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/memory.c:18356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/memory.c:18357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:18358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[BUFSIZE];
data/crash-7.2.8/memory.c:18359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/memory.c:18366:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18367:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18373:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((val = atoi(arglist[2])) > largest))
data/crash-7.2.8/memory.c:18384:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/memory.c:18391:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/memory.c:18394:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(arglist[2]);
data/crash-7.2.8/memory.c:18445:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:18460:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)\n");
data/crash-7.2.8/memory.c:18475:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kbuf[BUFSIZE];
data/crash-7.2.8/memory.c:18476:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/memory.c:18530:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(unknown)");
data/crash-7.2.8/memory.c:18575:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/memory.c:18578:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mi, si, sizeof(struct meminfo));
data/crash-7.2.8/memory.c:18597:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "(unknown)");
data/crash-7.2.8/memory.c:19044:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[BUFSIZE], b2[BUFSIZE]; \
data/crash-7.2.8/memory.c:19369:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(kbuf, "(unknown)");
data/crash-7.2.8/memory.c:19776:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/mips.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/mips.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:174:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/mips.c:181:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%lx", paddr);
data/crash-7.2.8/mips.c:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:452:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/mips.c:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pt_regs[SIZE(pt_regs)];
data/crash-7.2.8/mips.c:616:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pt_regs[SIZE(pt_regs)];
data/crash-7.2.8/net.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[DEV_NAME_MAX];
data/crash-7.2.8/net.c:888:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/net.c:939:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/net.c:991:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "UNSPEC:"); break;
data/crash-7.2.8/net.c:993:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "UNIX:"); break;
data/crash-7.2.8/net.c:995:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "INET:"); break;
data/crash-7.2.8/net.c:997:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "AX25:"); break;
data/crash-7.2.8/net.c:999:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "IPX:"); break;
data/crash-7.2.8/net.c:1001:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "APPLETALK:"); break;
data/crash-7.2.8/net.c:1003:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "NETROM:"); break;
data/crash-7.2.8/net.c:1005:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "BRIDGE:"); break;
data/crash-7.2.8/net.c:1007:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ATMPVC:"); break;
data/crash-7.2.8/net.c:1009:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "X25:"); break;
data/crash-7.2.8/net.c:1011:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "INET6:"); break;
data/crash-7.2.8/net.c:1013:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ROSE:"); break;
data/crash-7.2.8/net.c:1015:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "DECnet:"); break;
data/crash-7.2.8/net.c:1017:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "NETBEUI:"); break;
data/crash-7.2.8/net.c:1019:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "SECURITY/KEY:"); break;
data/crash-7.2.8/net.c:1021:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "NETLINK/ROUTE:"); break;
data/crash-7.2.8/net.c:1023:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "PACKET:"); break;
data/crash-7.2.8/net.c:1025:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ASH:"); break;
data/crash-7.2.8/net.c:1027:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ECONET:"); break;
data/crash-7.2.8/net.c:1029:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ATMSVC:"); break;
data/crash-7.2.8/net.c:1031:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "SNA:"); break;
data/crash-7.2.8/net.c:1033:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "IRDA:"); break;
data/crash-7.2.8/net.c:1038:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "PPPOX:"); break;
data/crash-7.2.8/net.c:1040:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d:", family); break;
data/crash-7.2.8/net.c:1046:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "STREAM"); break;
data/crash-7.2.8/net.c:1048:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "DGRAM "); break;
data/crash-7.2.8/net.c:1050:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "RAW"); break;
data/crash-7.2.8/net.c:1052:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "RDM"); break;
data/crash-7.2.8/net.c:1054:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "SEQPACKET"); break;
data/crash-7.2.8/net.c:1056:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "PACKET"); break;
data/crash-7.2.8/net.c:1058:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%d", type); break;
data/crash-7.2.8/net.c:1136:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%x:%x:%x:%x:%x:%x:%x:%x-%d",
data/crash-7.2.8/net.c:1192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_buffer[FLAGBUF_SIZE];
data/crash-7.2.8/net.c:1545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/net.c:1546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/netdump.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:127:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDWR)) < 0) {
data/crash-7.2.8/netdump.c:128:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0) {
data/crash-7.2.8/netdump.c:451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[MIN_NETDUMP_ELF_HEADER_SIZE];
data/crash-7.2.8/netdump.c:607:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:609:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0) {
data/crash-7.2.8/netdump.c:885:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:1329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:1479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:1880:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(value, "%lx", nd->arch_data1);
data/crash-7.2.8/netdump.c:1887:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(value, "%ld", nd->arch_data2 & 0xffffffff);
data/crash-7.2.8/netdump.c:1892:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(value, "%lld", ((ulonglong)nd->arch_data2 >> 32) & 0xffffffff);
data/crash-7.2.8/netdump.c:1898:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(value, "%lx", nd->arch_data1);
data/crash-7.2.8/netdump.c:1973:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atol(string);
data/crash-7.2.8/netdump.c:2005:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:2241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:4434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eheader[MAX_KCORE_ELF_HEADER_SIZE];
data/crash-7.2.8/netdump.c:4435:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:4439:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/proc/kcore", O_RDONLY)) < 0) {
data/crash-7.2.8/netdump.c:4447:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/proc/kcore: read");
data/crash-7.2.8/netdump.c:4453:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/proc/kcore: lseek");
data/crash-7.2.8/netdump.c:4504:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eheader[MAX_KCORE_ELF_HEADER_SIZE];
data/crash-7.2.8/netdump.c:4505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:4509:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/proc/kcore", O_RDONLY)) < 0) {
data/crash-7.2.8/netdump.c:4517:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/proc/kcore: read");
data/crash-7.2.8/netdump.c:4523:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/proc/kcore: lseek");
data/crash-7.2.8/netdump.c:4577:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name, *ptr, buf[BUFSIZE];
data/crash-7.2.8/netdump.c:4921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/netdump.c:4934:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typename[BUFSIZE];
data/crash-7.2.8/netdump.c:4943:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typename, "sadump");
data/crash-7.2.8/netdump.c:4950:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(typename, "qemu mem dump");
data/crash-7.2.8/netdump.c:4980:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char e_ident[EI_NIDENT];
data/crash-7.2.8/netdump.c:5108:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup_buf[BUFSIZE];
data/crash-7.2.8/netdump.c:5231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char platform_name[MAX_PLATFORM_LEN];
data/crash-7.2.8/ppc.c:272:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(platform_name, "(unknown)");
data/crash-7.2.8/ppc.c:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[32];
data/crash-7.2.8/ppc.c:899:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:900:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ppc.c:901:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ppc.c:902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/ppc.c:903:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/ppc.c:904:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/ppc.c:918:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%llx", pte64);
data/crash-7.2.8/ppc.c:944:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%llx", paddr);
data/crash-7.2.8/ppc.c:1039:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:1060:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req->buf, "backtrace");
data/crash-7.2.8/ppc.c:1172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:1206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:1536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typename[32];
data/crash-7.2.8/ppc.c:1707:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ppc.c:1708:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ppc.c:1711:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/ppc.c:1800:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc.c:1828:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/ppc.c:1837:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/ppc.c:1950:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/ppc64.c:231:31: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->max_physmem_bits = atol(string);
data/crash-7.2.8/ppc64.c:1389:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[32];
data/crash-7.2.8/ppc64.c:1580:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:1581:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ppc64.c:1582:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/ppc64.c:1583:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/ppc64.c:1584:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/ppc64.c:1585:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/ppc64.c:1598:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/ppc64.c:1625:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%lx", paddr);
data/crash-7.2.8/ppc64.c:1874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:1908:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req->buf, "backtrace");
data/crash-7.2.8/ppc64.c:2072:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:2107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:2287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:2666:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char typename[32];
data/crash-7.2.8/ppc64.c:2837:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/ppc64.c:2838:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/ppc64.c:2841:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/ppc64.c:2921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readtype[20];
data/crash-7.2.8/ppc64.c:2943:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readtype, "ascii");
data/crash-7.2.8/ppc64.c:3016:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:3043:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/ppc64.c:3052:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/ppc64.c:3161:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/ppc64.c:3209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/ppc64.c:3210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/qemu-load.c:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/crash-7.2.8/qemu-load.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/crash-7.2.8/qemu-load.c:453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/crash-7.2.8/qemu-load.c:876:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[16];
data/crash-7.2.8/qemu-load.c:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/crash-7.2.8/qemu-load.c:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/crash-7.2.8/qemu-load.c:946:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (header.magic, "Libv", 4);
data/crash-7.2.8/qemu-load.c:1030:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((vmp = fopen(filename, "r")) == NULL) {
data/crash-7.2.8/qemu-load.c:1087:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/crash-7.2.8/qemu-load.c:1128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/qemu-load.h:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[10];
data/crash-7.2.8/qemu.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/qemu.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/crash-7.2.8/qemu.c:257:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "r");
data/crash-7.2.8/ramdump.c:39:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ehdr->e_ident, ELFMAG, SELFMAG);
data/crash-7.2.8/ramdump.c:91:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd2 = open(user_elf, O_CREAT|O_RDWR, S_IRUSR|S_IWUSR);
data/crash-7.2.8/ramdump.c:99:9: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd2 = mkstemp(elf_default);
data/crash-7.2.8/ramdump.c:130:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd1 = open(ramdump[i].path, O_RDONLY, S_IRUSR);
data/crash-7.2.8/ramdump.c:274:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(ramdump[nodes - 1].path, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:78:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[MAXHOSTNAMELEN];
data/crash-7.2.8/remote.c:101:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcp_port = (ushort)atoi(argv[optind]);
data/crash-7.2.8/remote.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char savebuf[BUFSIZE];
data/crash-7.2.8/remote.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/remote.c:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE+1];
data/crash-7.2.8/remote.c:255:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fds[i] = open(file, O_RDWR)) < 0) {
data/crash-7.2.8/remote.c:256:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fds[i] = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:257:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sendbuf, " <FAIL>");
data/crash-7.2.8/remote.c:259:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1,
data/crash-7.2.8/remote.c:265:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, " %d O_RDWR %ld", fds[i],
data/crash-7.2.8/remote.c:270:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sendbuf, " <FAIL>");
data/crash-7.2.8/remote.c:287:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:288:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p1);
data/crash-7.2.8/remote.c:319:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:347:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:377:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p1);
data/crash-7.2.8/remote.c:405:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:406:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p1);
data/crash-7.2.8/remote.c:493:14: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bufsize = atol(p1);
data/crash-7.2.8/remote.c:679:35: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bufsize = atol(p1);
data/crash-7.2.8/remote.c:684:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((tmp = tmpfile()) == NULL) {
data/crash-7.2.8/remote.c:745:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p2);
data/crash-7.2.8/remote.c:758:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf, "\npanic_task: %lx\n", addr);
data/crash-7.2.8/remote.c:774:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lkcd_dump_init(NULL, atoi(p2), p3) ?
data/crash-7.2.8/remote.c:778:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf, "\npanic_task: %lx\n", addr);
data/crash-7.2.8/remote.c:784:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sendbuf, "panicmsg: ");
data/crash-7.2.8/remote.c:801:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p1);
data/crash-7.2.8/remote.c:803:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:833:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p2);
data/crash-7.2.8/remote.c:846:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf, "\npanic_task: %lx\n", addr);
data/crash-7.2.8/remote.c:852:33: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sendbuf, "panicmsg: ");
data/crash-7.2.8/remote.c:867:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p2);
data/crash-7.2.8/remote.c:880:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf, "\npanic_task: %lx\n", addr);
data/crash-7.2.8/remote.c:886:33: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sendbuf, "panicmsg: ");
data/crash-7.2.8/remote.c:903:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mfd = atoi(p1);
data/crash-7.2.8/remote.c:905:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(p3);
data/crash-7.2.8/remote.c:933:35: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bufsize = atol(p1);
data/crash-7.2.8/remote.c:1043:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[BUFSIZE*2];
data/crash-7.2.8/remote.c:1055:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(rc->remdebugfile, "a")) == NULL)
data/crash-7.2.8/remote.c:1086:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:1173:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[EI_NIDENT];
data/crash-7.2.8/remote.c:1174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:1177:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(s, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:1278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel[BUFSIZE];
data/crash-7.2.8/remote.c:1279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/remote.c:1280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZE];
data/crash-7.2.8/remote.c:1281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_version[BUFSIZE];
data/crash-7.2.8/remote.c:1359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirbuf[BUFSIZE];
data/crash-7.2.8/remote.c:1361:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *default_searchdirs[DEFAULT_SEARCHDIRS+1] = {
data/crash-7.2.8/remote.c:1441:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/remote.c:1442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:1443:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[BUFSIZE];
data/crash-7.2.8/remote.c:1456:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd, "/bin/cat /proc/mounts");
data/crash-7.2.8/remote.c:1458:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd, "/bin/cat /etc/mtab");
data/crash-7.2.8/remote.c:1485:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((mount_points[i] = (char *)
data/crash-7.2.8/remote.c:1545:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:1652:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:1701:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[BUFSIZE];
data/crash-7.2.8/remote.c:1721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/remote.c:1722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:1774:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MIN_PAGE_SIZE];
data/crash-7.2.8/remote.c:1777:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:1821:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_type[10];
data/crash-7.2.8/remote.c:1853:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char defaulthost[MAXHOSTNAMELEN+1];
data/crash-7.2.8/remote.c:1854:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:1855:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:1887:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->port = (ushort)atoi(portp);
data/crash-7.2.8/remote.c:1947:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "NIL");
data/crash-7.2.8/remote.c:1963:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "MACHINE_PID");
data/crash-7.2.8/remote.c:1974:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pc->server_pid = atol(p1);
data/crash-7.2.8/remote.c:2062:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2248:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rfp->fd = atoi(p1);
data/crash-7.2.8/remote.c:2255:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rfp->size = atoi(p1);
data/crash-7.2.8/remote.c:2267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2272:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "CLOSE %d", rfp->fd);
data/crash-7.2.8/remote.c:2285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2290:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PROC_VERSION");
data/crash-7.2.8/remote.c:2363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2374:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "VTOP %d %llx", cpu, (long long unsigned int)virt_addr);
data/crash-7.2.8/remote.c:2402:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2416:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "FETCH_LIVE_IP_SP_BP %d", bt->tc->processor);
data/crash-7.2.8/remote.c:2459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2470:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "FETCH_LIVE_CR3 %d", cpu);
data/crash-7.2.8/remote.c:2510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[BUFSIZE];
data/crash-7.2.8/remote.c:2613:25: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->nfd = open(pc->namelist, O_RDONLY)) < 0)
data/crash-7.2.8/remote.c:2653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:2680:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->nfd = open(pc->namelist,
data/crash-7.2.8/remote.c:2718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:2760:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2761:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[BUFSIZE*2];
data/crash-7.2.8/remote.c:2815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2816:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:2854:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[BUFSIZE];
data/crash-7.2.8/remote.c:2855:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:2945:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sfd = open(local, O_RDWR|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
data/crash-7.2.8/remote.c:2986:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sfd = open(pc->namelist, O_RDWR|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
data/crash-7.2.8/remote.c:3052:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sfd = open(local, O_RDWR|O_CREAT|O_TRUNC, S_IRWXU)) < 0) {
data/crash-7.2.8/remote.c:3085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3086:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3091:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "FIND_BOOTED_KERNEL");
data/crash-7.2.8/remote.c:3106:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3107:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3144:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3145:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3179:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3180:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3210:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3211:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3219:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE LIVE");
data/crash-7.2.8/remote.c:3221:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE NIL");
data/crash-7.2.8/remote.c:3223:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE NETDUMP");
data/crash-7.2.8/remote.c:3225:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE MCLXCD");
data/crash-7.2.8/remote.c:3227:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE LKCD");
data/crash-7.2.8/remote.c:3229:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "PAGESIZE S390D");
data/crash-7.2.8/remote.c:3243:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
psz = atoi(p1);
data/crash-7.2.8/remote.c:3254:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rc->n_cpus = atoi(p3);
data/crash-7.2.8/remote.c:3266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE*2];
data/crash-7.2.8/remote.c:3268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:3285:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ %d %lx %ld", rfp->fd, offset, size);
data/crash-7.2.8/remote.c:3327:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf,
data/crash-7.2.8/remote.c:3331:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(readbuf,
data/crash-7.2.8/remote.c:3362:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3363:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:3364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gziphdr[DATA_HDRSIZE];
data/crash-7.2.8/remote.c:3411:13: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gtot = atol(p1);
data/crash-7.2.8/remote.c:3448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3449:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3450:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[BUFSIZE];
data/crash-7.2.8/remote.c:3451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char found[BUFSIZE];
data/crash-7.2.8/remote.c:3531:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3532:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3558:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return(atol(p1));
data/crash-7.2.8/remote.c:3567:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3568:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3594:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return(atol(p1));
data/crash-7.2.8/remote.c:3604:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3605:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:3606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datahdr[DATA_HDRSIZE];
data/crash-7.2.8/remote.c:3659:13: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dtot = atol(p1);
data/crash-7.2.8/remote.c:3688:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE];
data/crash-7.2.8/remote.c:3689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datahdr[DATA_HDRSIZE];
data/crash-7.2.8/remote.c:3698:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_NETDUMP %lx %d", addr, cnt);
data/crash-7.2.8/remote.c:3700:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_MCLXCD %lx %d", addr, cnt);
data/crash-7.2.8/remote.c:3702:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_LKCD %d %lx %d", rfd, addr, cnt);
data/crash-7.2.8/remote.c:3704:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_S390D %d %lx %d", rfd, addr, cnt);
data/crash-7.2.8/remote.c:3706:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_LIVE %d %lx %d %d", rfd, addr, cnt, vcpu);
data/crash-7.2.8/remote.c:3708:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sendbuf, "READ_LIVE %d %lx %d", rfd, addr, cnt);
data/crash-7.2.8/remote.c:3726:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
errno = atoi(p1);
data/crash-7.2.8/remote.c:3737:8: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tot = atol(p1);
data/crash-7.2.8/remote.c:3765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:3790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/remote.c:3791:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[BUFSIZE*2];
data/crash-7.2.8/remote.c:3792:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[READBUFSIZE];
data/crash-7.2.8/remote.c:3793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datahdr[DATA_HDRSIZE];
data/crash-7.2.8/remote.c:3845:13: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dtot = atol(p1);
data/crash-7.2.8/remote.c:3871:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/remote.c:3880:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "EXIT");
data/crash-7.2.8/s390.c:470:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/s390.c:471:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390.c:472:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/s390.c:473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/s390.c:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/s390.c:490:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/s390.c:500:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/s390.c:548:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thread_info[8192];
data/crash-7.2.8/s390.c:615:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char async_stack[INT_STACK_SIZE];
data/crash-7.2.8/s390.c:616:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char panic_stack[INT_STACK_SIZE];
data/crash-7.2.8/s390.c:622:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390.c:637:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowcore[LOWCORE_SIZE];
data/crash-7.2.8/s390.c:922:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowcore[LOWCORE_SIZE];
data/crash-7.2.8/s390.c:969:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/s390.c:970:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/s390.c:973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/s390.c:1066:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390.c:1123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/s390_dump.c:32:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fh = fopen(file,"r");
data/crash-7.2.8/s390_dump.c:49:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((s390_file = fopen(file, "r+")) == NULL) {
data/crash-7.2.8/s390_dump.c:50:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((s390_file = fopen(file, "r")) == NULL)
data/crash-7.2.8/s390dbf.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdstr[MAX_CMDLINE];
data/crash-7.2.8/s390dbf.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[MAX_ARGS];
data/crash-7.2.8/s390dbf.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DEBUG_MAX_PROCF_LEN];
data/crash-7.2.8/s390dbf.c:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DEBUG_MAX_PROCF_LEN];
data/crash-7.2.8/s390dbf.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caller_buf[30];
data/crash-7.2.8/s390dbf.c:360:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(caller_buf, "%llx", (unsigned long long)caller);
data/crash-7.2.8/s390dbf.c:393:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf,entry,sizeof(debug_entry_t));
data/crash-7.2.8/s390dbf.c:410:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf, in_buf, id->buf_size);
data/crash-7.2.8/s390dbf.c:429:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "%02x ",
data/crash-7.2.8/s390dbf.c:430:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *) in_buf)[i]);
data/crash-7.2.8/s390dbf.c:432:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "| ");
data/crash-7.2.8/s390dbf.c:436:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "%c", c);
data/crash-7.2.8/s390dbf.c:453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_BUFSIZE];
data/crash-7.2.8/s390dbf.c:544:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc = sprintf(out_buf, "%i\n", id->level);
data/crash-7.2.8/s390dbf.c:562:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc = sprintf(out_buf, "%i\n", id->pages_per_area_v2);
data/crash-7.2.8/s390dbf.c:576:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc = sprintf(out_buf, "AREA TIME LEVEL EXCEPTION CP CALLING FUNCTION"
data/crash-7.2.8/s390dbf.c:592:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "%02x ",
data/crash-7.2.8/s390dbf.c:593:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *) in_buf)[i]);
data/crash-7.2.8/s390dbf.c:617:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "%c", c);
data/crash-7.2.8/s390dbf.c:643:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
rc += sprintf(out_buf + rc, "%c", c);
data/crash-7.2.8/s390dbf.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/crash-7.2.8/s390dbf.c:805:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/crash-7.2.8/s390dbf.c:1278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_view[PATH_MAX];
data/crash-7.2.8/s390dbf.c:1296:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
view_fh = fopen(path_view, "w");
data/crash-7.2.8/s390dbf.c:1310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_name_area[PATH_MAX];
data/crash-7.2.8/s390x.c:248:31: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->max_physmem_bits = atol(string);
data/crash-7.2.8/s390x.c:463:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[128];
data/crash-7.2.8/s390x.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/crash-7.2.8/s390x.c:1115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/s390x.c:1116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390x.c:1117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/s390x.c:1118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/s390x.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/s390x.c:1135:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/s390x.c:1145:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/s390x.c:1195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thread_info[8192];
data/crash-7.2.8/s390x.c:1244:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4864, &s390x_cpu->psw, sizeof(s390x_cpu->psw));
data/crash-7.2.8/s390x.c:1245:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4736, &s390x_cpu->gprs, sizeof(s390x_cpu->gprs));
data/crash-7.2.8/s390x.c:1246:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4928, &s390x_cpu->acrs, sizeof(s390x_cpu->acrs));
data/crash-7.2.8/s390x.c:1248:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4892, &s390x_cpu->fpc, sizeof(s390x_cpu->fpc));
data/crash-7.2.8/s390x.c:1249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4608, &s390x_cpu->fprs, sizeof(s390x_cpu->fprs));
data/crash-7.2.8/s390x.c:1251:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4888, &s390x_cpu->prefix, sizeof(s390x_cpu->prefix));
data/crash-7.2.8/s390x.c:1252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4992, &s390x_cpu->ctrs, sizeof(s390x_cpu->ctrs));
data/crash-7.2.8/s390x.c:1254:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4900, &s390x_cpu->todpreg, sizeof(s390x_cpu->todpreg));
data/crash-7.2.8/s390x.c:1255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4904, &s390x_cpu->timer, sizeof(s390x_cpu->timer));
data/crash-7.2.8/s390x.c:1256:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lowcore + 4912, &s390x_cpu->todcmp, sizeof(s390x_cpu->todcmp));
data/crash-7.2.8/s390x.c:1268:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_buf[i * 16], &s390x_cpu->fprs[i], 8);
data/crash-7.2.8/s390x.c:1269:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_buf[i * 16 + 8], &s390x_cpu->vxrs_low[i], 8);
data/crash-7.2.8/s390x.c:1271:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_buf[16 * 16], &s390x_cpu->vxrs_high[0], 16 * 16);
data/crash-7.2.8/s390x.c:1292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vx_sa[VX_SA_SIZE];
data/crash-7.2.8/s390x.c:1424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390x.c:1554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowcore[LOWCORE_SIZE];
data/crash-7.2.8/s390x.c:1768:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowcore[LOWCORE_SIZE];
data/crash-7.2.8/s390x.c:1815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/s390x.c:1816:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/s390x.c:1819:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/s390x.c:1913:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/s390x.c:1970:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/sadump.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid1[SADUMP_EFI_GUID_TEXT_REPR_LEN+1];
data/crash-7.2.8/sadump.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid2[SADUMP_EFI_GUID_TEXT_REPR_LEN+1];
data/crash-7.2.8/sadump.c:492:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid1[SADUMP_EFI_GUID_TEXT_REPR_LEN+1];
data/crash-7.2.8/sadump.c:493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid2[SADUMP_EFI_GUID_TEXT_REPR_LEN+1];
data/crash-7.2.8/sadump.c:608:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/crash-7.2.8/sadump.c:656:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this_disk->dfd = open(file, O_RDONLY);
data/crash-7.2.8/sadump.c:827:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufptr, sd->page_buf + page_offset, cnt);
data/crash-7.2.8/sadump.c:930:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid[SADUMP_EFI_GUID_TEXT_REPR_LEN+1];
data/crash-7.2.8/sadump.c:1165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sym_early_ptr[BUFSIZE], sym_early_map[BUFSIZE];
data/crash-7.2.8/sadump.c:1292:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prstatus, prstatus_ptr, SIZE(elf_prstatus));
data/crash-7.2.8/sadump.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[8]; /* = "sadump\0\0" */
data/crash-7.2.8/sadump.h:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserve[4044]; // reserve feild
data/crash-7.2.8/sparc64.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/sparc64.c:87:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/sparc64.c:96:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/sparc64.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/crash-7.2.8/sparc64.c:250:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[BUFSIZE];
data/crash-7.2.8/sparc64.c:253:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("/proc/iomem", "r");
data/crash-7.2.8/sparc64.c:656:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:431:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8*1024];
data/crash-7.2.8/symbols.c:434:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(name, O_RDONLY);
data/crash-7.2.8/symbols.c:726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:808:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:809:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/symbols.c:811:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mapitems[MAXARGS];
data/crash-7.2.8/symbols.c:814:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((map = fopen(pc->system_map, "r")) == NULL)
data/crash-7.2.8/symbols.c:932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:933:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *kallsyms[MAXARGS];
data/crash-7.2.8/symbols.c:945:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((kp = fopen("/proc/kallsyms", "r")) == NULL) {
data/crash-7.2.8/symbols.c:1009:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:1010:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *kallsyms[MAXARGS];
data/crash-7.2.8/symbols.c:1021:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((kp = fopen("/proc/kallsyms", "r")) == NULL) {
data/crash-7.2.8/symbols.c:1371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:1372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE*2];
data/crash-7.2.8/symbols.c:1373:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/symbols.c:1374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rodata[BUFSIZE*2];
data/crash-7.2.8/symbols.c:1425:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "(unknown module)");
data/crash-7.2.8/symbols.c:1715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:1716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/symbols.c:1717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/symbols.c:1718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/symbols.c:2535:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/symbols.c:2536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:2537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/symbols.c:2753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sn1[BUFSIZE], sn2[BUFSIZE];
data/crash-7.2.8/symbols.c:3490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[EI_NIDENT];
data/crash-7.2.8/symbols.c:3492:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(s, O_RDONLY)) < 0) {
data/crash-7.2.8/symbols.c:3519:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eheader[BUFSIZE];
data/crash-7.2.8/symbols.c:3523:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0) {
data/crash-7.2.8/symbols.c:3651:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[BUFSIZE];
data/crash-7.2.8/symbols.c:3652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[BUFSIZE];
data/crash-7.2.8/symbols.c:3653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[BUFSIZE];
data/crash-7.2.8/symbols.c:3661:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/symbols.c:3731:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tempname);
data/crash-7.2.8/symbols.c:3788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eheader[BUFSIZE];
data/crash-7.2.8/symbols.c:3795:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(file, O_RDONLY)) < 0)
data/crash-7.2.8/symbols.c:3943:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *mapitems[MAXARGS];
data/crash-7.2.8/symbols.c:3944:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16384];
data/crash-7.2.8/symbols.c:3951:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((map = fopen(s, "r")) == NULL) {
data/crash-7.2.8/symbols.c:4061:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:4206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:4271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bldbuf[BUFSIZE], *name;
data/crash-7.2.8/symbols.c:4711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:5017:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p1, locbuf[BUFSIZE];
data/crash-7.2.8/symbols.c:5109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/symbols.c:5173:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "_MODULE_START_");
data/crash-7.2.8/symbols.c:5216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/symbols.c:5274:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "_MODULE_START_");
data/crash-7.2.8/symbols.c:5461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old[BUFSIZE];
data/crash-7.2.8/symbols.c:5610:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:5800:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:6052:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:6053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/symbols.c:6054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/symbols.c:6066:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:6067:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:6094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:6095:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE*2];
data/crash-7.2.8/symbols.c:6333:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *memberlist[MAXARGS];
data/crash-7.2.8/symbols.c:6369:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(optarg);
data/crash-7.2.8/symbols.c:6673:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:6677:56: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
whatis_datatype(structure, STRUCT_REQUEST, pc->tmpfile);
data/crash-7.2.8/symbols.c:6678:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:6679:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:6708:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:6720:46: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
whatis_datatype(dm->name, flags, pc->tmpfile);
data/crash-7.2.8/symbols.c:6721:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:6729:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:6961:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:6997:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld", typereq.types[typereq.idx-1].size);
data/crash-7.2.8/symbols.c:7035:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *pl, *ph, *member;
data/crash-7.2.8/symbols.c:7134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/symbols.c:7143:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:7144:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:7210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/symbols.c:7243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:7315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:7334:14: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:7335:49: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:7370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/symbols.c:7379:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:7380:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile) && !STRNEQ(buf, "type = "))
data/crash-7.2.8/symbols.c:7382:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
p = feof(pc->tmpfile) ? NULL : buf + strlen("type = ");
data/crash-7.2.8/symbols.c:7405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char leader[sizeof("&per_cpu(") + strlen(sp->name) +
data/crash-7.2.8/symbols.c:7528:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookbuf[BUFSIZE];
data/crash-7.2.8/symbols.c:7726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7735:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:7736:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:7842:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:7843:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor1[BUFSIZE];
data/crash-7.2.8/symbols.c:7844:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor2[BUFSIZE];
data/crash-7.2.8/symbols.c:7845:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor3[BUFSIZE];
data/crash-7.2.8/symbols.c:7846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor4[BUFSIZE];
data/crash-7.2.8/symbols.c:7847:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor5[BUFSIZE];
data/crash-7.2.8/symbols.c:7857:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:7865:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:7897:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p1, "}\n");
data/crash-7.2.8/symbols.c:7921:48: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:7927:24: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
curpos = ftell(pc->tmpfile);
data/crash-7.2.8/symbols.c:7947:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fseek(pc->tmpfile, last_open_bracket,
data/crash-7.2.8/symbols.c:7958:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
curpos = ftell(pc->tmpfile);
data/crash-7.2.8/symbols.c:7966:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_name[BUFSIZE];
data/crash-7.2.8/symbols.c:7968:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[BUFSIZE];
data/crash-7.2.8/symbols.c:8134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:8140:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:8146:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:8198:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(current->field_name, p1, current->field_len);
data/crash-7.2.8/symbols.c:8257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/symbols.c:8258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/symbols.c:8259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[BUFSIZE];
data/crash-7.2.8/symbols.c:8260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workbuf[BUFSIZE];
data/crash-7.2.8/symbols.c:8278:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%ld", dm->size);
data/crash-7.2.8/symbols.c:8281:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "0x%lx", dm->size);
data/crash-7.2.8/symbols.c:8337:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, " [%lx]", offset + dm->vaddr);
data/crash-7.2.8/symbols.c:8341:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%c%ds", '%', len+1);
data/crash-7.2.8/symbols.c:8358:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, " [%lx]", offset + dm->vaddr);
data/crash-7.2.8/symbols.c:8361:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%c%ds", '%', len);
data/crash-7.2.8/symbols.c:8393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[BUFSIZE];
data/crash-7.2.8/symbols.c:8394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:8395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor1[BUFSIZE];
data/crash-7.2.8/symbols.c:8396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor2[BUFSIZE];
data/crash-7.2.8/symbols.c:8471:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atoi(p1);
data/crash-7.2.8/symbols.c:8483:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*two_dim = atoi(p1);
data/crash-7.2.8/symbols.c:8491:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atoi(p1);
data/crash-7.2.8/symbols.c:8507:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atoi(p1);
data/crash-7.2.8/symbols.c:8637:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/symbols.c:8638:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char revname[BUFSIZE];
data/crash-7.2.8/symbols.c:10834:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:10835:41: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:10881:28: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/symbols.c:10882:48: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/symbols.c:10998:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:11429:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:11461:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:11598:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:11647:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "set complaints 0");
data/crash-7.2.8/symbols.c:11656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[BUFSIZE];
data/crash-7.2.8/symbols.c:11687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:11688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char section_name[BUFSIZE/2];
data/crash-7.2.8/symbols.c:11917:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "set complaints 0");
data/crash-7.2.8/symbols.c:12008:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/symbols.c:12963:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[BUFSIZE];
data/crash-7.2.8/symbols.c:12986:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[BUFSIZE];
data/crash-7.2.8/symbols.c:13016:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[BUFSIZE];
data/crash-7.2.8/symbols.c:13034:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[BUFSIZE];
data/crash-7.2.8/symbols.c:13054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:13065:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/tty", O_RDONLY)) >= 0) {
data/crash-7.2.8/symbols.c:13095:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/symbols.c:13096:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:13100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[BUFSIZE];
data/crash-7.2.8/symbols.c:13180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/symbols.c:13245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/symbols.c:13246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *printm_list[MAXARGS];
data/crash-7.2.8/task.c:334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:335:10: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "alias last ps -l");
data/crash-7.2.8/task.c:3336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/task.c:3379:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:3380:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor1[BUFSIZE];
data/crash-7.2.8/task.c:3381:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor2[BUFSIZE];
data/crash-7.2.8/task.c:3382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookfor3[BUFSIZE];
data/crash-7.2.8/task.c:3385:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:3392:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:3427:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(lookfor3, "},");
data/crash-7.2.8/task.c:3706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:3707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/task.c:3708:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/task.c:3793:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "%.1f", tm->pct_physmem);
data/crash-7.2.8/task.c:3811:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:3905:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:3909:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[3];
data/crash-7.2.8/task.c:3951:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[15];
data/crash-7.2.8/task.c:3952:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:3958:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "[%c%dll%c] ", '%', c,
data/crash-7.2.8/task.c:4017:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld %02ld:%02ld:%02ld.%03ld",
data/crash-7.2.8/task.c:4032:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[15];
data/crash-7.2.8/task.c:4033:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:4046:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "[%c%dll%c] ", '%', c,
data/crash-7.2.8/task.c:4285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:4286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/task.c:4287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/task.c:4382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:4462:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:4622:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:4638:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ptype struct task_struct");
data/crash-7.2.8/task.c:4644:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:4645:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:5217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TASK_COMM_LEN];
data/crash-7.2.8/task.c:5276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:5309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:5538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:5725:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "TASK_RUNNING");
data/crash-7.2.8/task.c:5780:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "TASK_PARKED");
data/crash-7.2.8/task.c:5812:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "RU");
data/crash-7.2.8/task.c:5817:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "IN");
data/crash-7.2.8/task.c:5825:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ID");
data/crash-7.2.8/task.c:5827:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "UN");
data/crash-7.2.8/task.c:5833:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ZO");
data/crash-7.2.8/task.c:5839:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "ST");
data/crash-7.2.8/task.c:5846:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "TR");
data/crash-7.2.8/task.c:5852:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "SW");
data/crash-7.2.8/task.c:5858:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "DE");
data/crash-7.2.8/task.c:5864:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "PA");
data/crash-7.2.8/task.c:5869:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "WA");
data/crash-7.2.8/task.c:5874:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "NE");
data/crash-7.2.8/task.c:5879:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "EX");
data/crash-7.2.8/task.c:6017:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", processor);
data/crash-7.2.8/task.c:6282:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6283:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6290:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6291:47: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6300:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6301:54: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6310:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6311:47: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6320:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6321:54: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6329:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6330:47: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6337:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6338:47: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6344:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:6345:47: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (!msg_found && fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:6769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TASK_COMM_LEN];
data/crash-7.2.8/task.c:7362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:7392:20: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:7394:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:7540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:7548:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:7549:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/task.c:7674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:7675:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:7692:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:8173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit[2] = { 0, 0 };
data/crash-7.2.8/task.c:8174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[4] = { 0, 0, 0, 0 };
data/crash-7.2.8/task.c:8554:33: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) { \
data/crash-7.2.8/task.c:8609:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:8624:21: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:8652:22: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:8679:22: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/task.c:8746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg_buf[BUFSIZE];
data/crash-7.2.8/task.c:8823:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:8824:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[15];
data/crash-7.2.8/task.c:8876:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(format, "%c0%dll%c", '%', len,
data/crash-7.2.8/task.c:8978:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:9612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:10132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:10440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/task.c:10695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/task.c:10696:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/task.c:10697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/task.c:10698:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[BUFSIZE];
data/crash-7.2.8/task.c:11163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:60:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_fp = fopen(target, "a");
data/crash-7.2.8/tools.c:94:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:151:58: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
(fp != stdout) && (fp != pc->stdpipe) && (fp != pc->tmpfile)) {
data/crash-7.2.8/tools.c:446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:691:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld", val);
data/crash-7.2.8/tools.c:697:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "st");
data/crash-7.2.8/tools.c:700:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "nd");
data/crash-7.2.8/tools.c:703:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "rd");
data/crash-7.2.8/tools.c:706:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "th");
data/crash-7.2.8/tools.c:1143:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/tools.c:1356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:1514:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char spacebuf[SPACES+1] = { 0 };
data/crash-7.2.8/tools.c:1699:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%lu", (ulong)opt);
data/crash-7.2.8/tools.c:1702:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%ld", (ulong)opt);
data/crash-7.2.8/tools.c:1705:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%lx", (ulong)opt);
data/crash-7.2.8/tools.c:1709:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%08lx", (ulong)opt);
data/crash-7.2.8/tools.c:1711:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%016lx", (ulong)opt);
data/crash-7.2.8/tools.c:1714:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%u", (uint)((ulong)opt));
data/crash-7.2.8/tools.c:1717:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%x", (uint)((ulong)opt));
data/crash-7.2.8/tools.c:1720:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%llx", *((ulonglong *)opt));
data/crash-7.2.8/tools.c:1829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:2250:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "set output-radix %d",
data/crash-7.2.8/tools.c:2329:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*gdb_print_max = atoi(args[optind]);
data/crash-7.2.8/tools.c:2429:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((pc->namelist = (char *)
data/crash-7.2.8/tools.c:2583:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "invalid command");
data/crash-7.2.8/tools.c:2586:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, ": ");
data/crash-7.2.8/tools.c:2605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:2672:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/tools.c:2754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[BUFSIZE];
data/crash-7.2.8/tools.c:2861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[BUFSIZE];
data/crash-7.2.8/tools.c:3186:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:3275:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d ", i);
data/crash-7.2.8/tools.c:3289:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d ", i);
data/crash-7.2.8/tools.c:3620:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[BUFSIZE];
data/crash-7.2.8/tools.c:3644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:3700:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:4244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/tools.c:4545:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_path[BUFSIZE];
data/crash-7.2.8/tools.c:4560:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[BUFSIZE];
data/crash-7.2.8/tools.c:4648:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "direct");
data/crash-7.2.8/tools.c:4651:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "root");
data/crash-7.2.8/tools.c:4697:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_path[BUFSIZE];
data/crash-7.2.8/tools.c:4712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[BUFSIZE];
data/crash-7.2.8/tools.c:4770:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "direct");
data/crash-7.2.8/tools.c:4773:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(path, "root");
data/crash-7.2.8/tools.c:4929:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pos[BUFSIZE];
data/crash-7.2.8/tools.c:4936:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pos, "root");
data/crash-7.2.8/tools.c:4955:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_pos[BUFSIZE];
data/crash-7.2.8/tools.c:5053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/tools.c:5640:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_1K[NUMBER_1K_BUFS][1024];
data/crash-7.2.8/tools.c:5641:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_2K[NUMBER_2K_BUFS][2048];
data/crash-7.2.8/tools.c:5642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_4K[NUMBER_4K_BUFS][4096];
data/crash-7.2.8/tools.c:5643:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_8K[NUMBER_8K_BUFS][8192];
data/crash-7.2.8/tools.c:5644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_32K[NUMBER_32K_BUFS][32768];
data/crash-7.2.8/tools.c:5661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *malloc_bp[MAX_MALLOC_BUFS];
data/crash-7.2.8/tools.c:6150:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[BUFSIZE*2];
data/crash-7.2.8/tools.c:6165:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->confd = open(pc->console, O_WRONLY|O_NDELAY)) < 0) {
data/crash-7.2.8/tools.c:6252:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((pc->confd = open(pc->console, O_WRONLY|O_NDELAY)) < 0) {
data/crash-7.2.8/tools.c:6297:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(cannot calculate: unknown HZ value)");
data/crash-7.2.8/tools.c:6313:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%llu days, ", days);
data/crash-7.2.8/tools.c:6314:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%02llu:%02llu:%02llu",
data/crash-7.2.8/tools.c:6352:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.1f GB", total/(double)GIGABYTES(1));
data/crash-7.2.8/tools.c:6354:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%.1f MB", total/(double)MEGABYTES(1));
data/crash-7.2.8/tools.c:6356:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%ld KB", (ulong)(total/(double)KILOBYTES(1)));
data/crash-7.2.8/tools.c:6426:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/tools.c:6433:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
((fd = open("/dev/tty", O_RDONLY)) < 0))
data/crash-7.2.8/tools.c:6648:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, len);
data/crash-7.2.8/unwind.c:135:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char save_order[8];
data/crash-7.2.8/unwind.c:162:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *preg_name[UNW_NUM_REGS];
data/crash-7.2.8/unwind.c:806:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rs, &sr->curr, sizeof(*rs));
data/crash-7.2.8/unwind.c:819:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sr->curr, rs, sizeof(*rs));
data/crash-7.2.8/unwind.c:835:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copy, rs, sizeof(*copy));
data/crash-7.2.8/unwind.c:958:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char limit[3] = {
data/crash-7.2.8/unwind.c:1702:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/unwind.c:1847:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/unwind.c:2298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is_nat[MAX_REGISTER_PARAMS];
data/crash-7.2.8/unwind.c:2300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE], buf2[BUFSIZE], buf3[BUFSIZE], *p1;
data/crash-7.2.8/unwind.c:2333:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, " (");
data/crash-7.2.8/unwind.c:2337:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "unknown");
data/crash-7.2.8/unwind.c:2339:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "[NAT]");
data/crash-7.2.8/unwind.c:2346:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%lx", arglist[i]);
data/crash-7.2.8/unwind.c:2353:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf1, ")\n");
data/crash-7.2.8/unwind.c:2724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unwind_info_buf[UNWIND_INFO_BUFSIZE];
data/crash-7.2.8/unwind_x86_32_64.c:804:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pc->namelist, O_RDONLY)) < 0) {
data/crash-7.2.8/unwind_x86_32_64.c:852:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/va_server.c:119:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((const void *)(buf+offset), (void *)output, num);
data/crash-7.2.8/va_server.c:300:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vas_file_p = fopen(crash_file, "r");
data/crash-7.2.8/va_server_v1.c:106:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((const void *)(buf+offset), (void *)output, num);
data/crash-7.2.8/va_server_v1.c:266:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vas_file_p = fopen(crash_file, "r");
data/crash-7.2.8/vmware_vmss.c:40:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL) {
data/crash-7.2.8/vmware_vmss.c:86:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL) {
data/crash-7.2.8/vmware_vmss.c:142:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TAG_NAMELEN_MASK + 1];
data/crash-7.2.8/vmware_vmss.c:455:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "vmem");
data/crash-7.2.8/vmware_vmss.c:456:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(vmem_filename, "r")) == NULL) {
data/crash-7.2.8/vmware_vmss.c:622:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(vmss.filename, "r")) == NULL) {
data/crash-7.2.8/vmware_vmss.c:676:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TAG_NAMELEN_MASK + 1];
data/crash-7.2.8/vmware_vmss.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LENGTH];
data/crash-7.2.8/x86.c:287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86.c:288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86.c:289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/x86.c:463:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[sizeof(int)];
data/crash-7.2.8/x86.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbuf[BUFSIZE];
data/crash-7.2.8/x86.c:771:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argnames[MAXNARG], **argnp = NULL;
data/crash-7.2.8/x86.c:1075:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *sp;
data/crash-7.2.8/x86.c:1288:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:1411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p;
data/crash-7.2.8/x86.c:2077:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86.c:2078:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:2290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:2425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:2590:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:2740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:2930:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3782:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86.c:3784:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/x86.c:3785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/x86.c:3786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/x86.c:3787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86.c:3795:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%llx", pae_pte);
data/crash-7.2.8/x86.c:3801:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/x86.c:3839:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%llx", paddr);
data/crash-7.2.8/x86.c:3945:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:3966:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locbuf[BUFSIZE];
data/crash-7.2.8/x86.c:3989:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%08lx", addr);
data/crash-7.2.8/x86.c:3993:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, " <");
data/crash-7.2.8/x86.c:4181:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86.c:4182:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86.c:4185:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/x86.c:4355:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86.c:4385:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/x86.c:4394:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/x86.c:4520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1, *p2, *funcname;
data/crash-7.2.8/x86.c:4532:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/i 0x%lx", eip);
data/crash-7.2.8/x86.c:4566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86.c:4567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86.c:4568:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86.c:4572:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/10i 0x%lx", eip);
data/crash-7.2.8/x86.c:5259:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p2m_top, xd->page, PAGESIZE());
data/crash-7.2.8/x86_64.c:334:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
l5_enabled = atoi(string);
data/crash-7.2.8/x86_64.c:669:33: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
machdep->max_physmem_bits = atol(string);
data/crash-7.2.8/x86_64.c:2082:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2687:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86_64.c:2688:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[BUFSIZE];
data/crash-7.2.8/x86_64.c:2689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptebuf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char physbuf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2691:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:2702:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptebuf, "%lx", pte);
data/crash-7.2.8/x86_64.c:2728:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(physbuf, "%lx", paddr);
data/crash-7.2.8/x86_64.c:2884:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2952:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:2953:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:2963:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/4i 0x%lx", locktext);
data/crash-7.2.8/x86_64.c:2965:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/1i 0x%lx", locktext);
data/crash-7.2.8/x86_64.c:3081:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86_64.c:3082:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86_64.c:4306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE], *p1;
data/crash-7.2.8/x86_64.c:4320:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/i 0x%lx", rip);
data/crash-7.2.8/x86_64.c:4393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5304:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locbuf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5395:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%016lx", addr);
data/crash-7.2.8/x86_64.c:5399:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, " <");
data/crash-7.2.8/x86_64.c:5415:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86_64.c:5416:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86_64.c:5419:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAXARGS];
data/crash-7.2.8/x86_64.c:5486:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(inbuf, " [FTRACE NOP]\n");
data/crash-7.2.8/x86_64.c:5645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5680:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/x86_64.c:5702:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "CPU %d", c);
data/crash-7.2.8/x86_64.c:5945:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:5946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:6274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86_64.c:6275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_string1[BUFSIZE];
data/crash-7.2.8/x86_64.c:6276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_string2[BUFSIZE];
data/crash-7.2.8/x86_64.c:6277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_string3[BUFSIZE];
data/crash-7.2.8/x86_64.c:6283:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "x/%ldi 0x%lx", max_instructions, start);
data/crash-7.2.8/x86_64.c:6286:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(search_string1,
data/crash-7.2.8/x86_64.c:6288:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(search_string2,
data/crash-7.2.8/x86_64.c:6292:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(search_string3,
data/crash-7.2.8/x86_64.c:6298:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!gdb_pass_through(buf1, pc->tmpfile, GNU_RETURN_ON_ERROR))
data/crash-7.2.8/x86_64.c:6301:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/x86_64.c:6302:34: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf1, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/x86_64.c:6357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:6358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_register[BUFSIZE];
data/crash-7.2.8/x86_64.c:6359:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:6379:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/%ldi 0x%lx",
data/crash-7.2.8/x86_64.c:6382:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if (!gdb_pass_through(buf, pc->tmpfile, GNU_RETURN_ON_ERROR))
data/crash-7.2.8/x86_64.c:6387:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
rewind(pc->tmpfile);
data/crash-7.2.8/x86_64.c:6388:40: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
while (fgets(buf, BUFSIZE, pc->tmpfile)) {
data/crash-7.2.8/x86_64.c:6741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:6793:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((iomem = fopen("/proc/iomem", "r")) == NULL)
data/crash-7.2.8/x86_64.c:6996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:7273:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p2m_top, xd->page, PAGESIZE());
data/crash-7.2.8/x86_64.c:7718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE];
data/crash-7.2.8/x86_64.c:7719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86_64.c:7812:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[EXCEPTION_STACKSIZE_HYPER];
data/crash-7.2.8/x86_64.c:8059:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:8060:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:8084:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "disassemble 0x%lx,0x%lx", sp->value, textaddr);
data/crash-7.2.8/x86_64.c:8138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:8325:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/x86_64.c:8326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[BUFSIZE];
data/crash-7.2.8/x86_64.c:8327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/x86_64.c:8442:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "x/%ldi 0x%lx",
data/crash-7.2.8/x86_64.c:8829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resource[BUFSIZE];
data/crash-7.2.8/xen_hyper.c:461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_name_buf[XEN_HYPER_OPT_SCHED_SIZE];
data/crash-7.2.8/xen_hyper.c:816:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xhdit->crash_note_xen_info_ptr,
data/crash-7.2.8/xen_hyper.c:2088:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:313:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf1[strlen(buf1)], " %3d ", dc->vcpu_cnt);
data/crash-7.2.8/xen_hyper_command.c:418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:432:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " PCID ");
data/crash-7.2.8/xen_hyper_command.c:459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:471:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%5d ", dic->pcpu_id);
data/crash-7.2.8/xen_hyper_command.c:477:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], " %5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:479:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:481:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:483:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], "%5d", pid);
data/crash-7.2.8/xen_hyper_command.c:506:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " ");
data/crash-7.2.8/xen_hyper_command.c:518:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " pr_utime ");
data/crash-7.2.8/xen_hyper_command.c:521:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " pr_stime ");
data/crash-7.2.8/xen_hyper_command.c:524:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " pr_cutime ");
data/crash-7.2.8/xen_hyper_command.c:527:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " pr_cstime ");
data/crash-7.2.8/xen_hyper_command.c:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:746:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " PCID ");
data/crash-7.2.8/xen_hyper_command.c:865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:876:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, " CPU ");
data/crash-7.2.8/xen_hyper_command.c:891:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%5d ", schc->cpu_id);
data/crash-7.2.8/xen_hyper_command.c:958:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:959:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:1219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:1220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:1246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_command.c:1275:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], " ????? ");
data/crash-7.2.8/xen_hyper_command.c:1277:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[strlen(buf)], " %5d ", domid);
data/crash-7.2.8/xen_hyper_command.c:1501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_defs.h:558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_sched[XEN_HYPER_OPT_SCHED_SIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:251:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:336:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xen_hyper_dump_tables.c:655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XEN_HYPER_CMD_BUFSIZE];
data/crash-7.2.8/xendump.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/xendump.c:68:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((xd->xfd = open(file, O_RDWR)) < 0) {
data/crash-7.2.8/xendump.c:69:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((xd->xfd = open(file, O_RDONLY)) < 0) {
data/crash-7.2.8/xendump.c:1928:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arglist[MAXARGS];
data/crash-7.2.8/xendump.c:1929:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/xendump.c:1966:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/xendump.c:2153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/xendump.c:2310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/crash-7.2.8/xendump.c:2477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/xendump.c:2579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZE];
data/crash-7.2.8/xendump.h:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4];
data/crash-7.2.8/alpha.c:703:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/alpha.c:1091:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pad_line(fp, 21 - strlen(eframe.regs[i]), ' ');
data/crash-7.2.8/alpha.c:2484:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/alpha.c:2484:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/alpha.c:2492:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/alpha.c:2492:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/alpha.c:2493:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/alpha.c:2493:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/alpha.c:2510:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/alpha.c:2510:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/alpha.c:2588:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/alpha.c:2591:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (name && strlen(name) && (value > MIN_SYMBOL_VALUE));
data/crash-7.2.8/arm.c:512:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("phys_base=");
data/crash-7.2.8/arm.c:513:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/arm.c:675:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name) || !(machdep->flags & KSYMS_START))
data/crash-7.2.8/arm.c:687:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/arm.c:917:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/arm.c:917:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/arm.c:926:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/arm.c:926:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/arm.c:1513:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/arm64.c:487:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name))
data/crash-7.2.8/arm64.c:733:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(param);
data/crash-7.2.8/arm64.c:744:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/arm64.c:1962:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/arm64.c:2014:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/arm64.c:3225:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/arm64.c:3309:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/arm64.c:3309:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/arm64.c:3317:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/arm64.c:3317:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/arm64.c:3318:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/arm64.c:3318:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/arm64.c:3334:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/arm64.c:3334:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/arm64.c:3503:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &inbuf[strlen(inbuf)-1];
data/crash-7.2.8/bpf.c:418:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf1, strlen("USED_MAPS"), CENTER|LJUST, bpf_prog_used_maps(i, buf2)));
data/crash-7.2.8/bpf.c:486:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(symbol)) {
data/crash-7.2.8/bpf.c:589:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1))
data/crash-7.2.8/bpf.c:646:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max = MAX(max, strlen(arglist[0]));
data/crash-7.2.8/bpf.c:648:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpf->bpf_prog_type_size = max - strlen("BPF_PROG_TYPE_");
data/crash-7.2.8/bpf.c:669:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max = MAX(max, strlen(arglist[0]));
data/crash-7.2.8/bpf.c:671:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpf->bpf_map_map_type_size = max - strlen("BPF_PROG_TYPE_");
data/crash-7.2.8/bpf.c:700:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen("BPF_PROG_TYPE_");
data/crash-7.2.8/bpf.c:730:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen("BPF_MAP_TYPE_");
data/crash-7.2.8/bpf.c:760:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&retbuf[strlen(retbuf)], "%s%ld",
data/crash-7.2.8/bpf.c:761:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(retbuf) ? "," : "",
data/crash-7.2.8/bpf.c:777:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%02x", (unsigned char)tag[i]);
data/crash-7.2.8/bpf.c:1117:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buff[strlen(buff)], " (%lx)",
data/crash-7.2.8/cmdline.c:125:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pc->readline) >= BUFSIZE)
data/crash-7.2.8/cmdline.c:135:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pc->command_line) && !iscntrl(pc->command_line[0]))
data/crash-7.2.8/cmdline.c:212:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf1 = GETBUF(strlen(path)+1);
data/crash-7.2.8/cmdline.c:213:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2 = GETBUF(strlen(path)+1);
data/crash-7.2.8/cmdline.c:328:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(input, "");
data/crash-7.2.8/cmdline.c:395:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((CRASHPAGER_buf = (char *)malloc(strlen(env)+1)) == NULL)
data/crash-7.2.8/cmdline.c:404:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(env))
data/crash-7.2.8/cmdline.c:432:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = GETBUF(strlen(less_argv[0])+1);
data/crash-7.2.8/cmdline.c:436:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = GETBUF(strlen(more_argv[0])+1);
data/crash-7.2.8/cmdline.c:441:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(CRASHPAGER_argv[i])+1;
data/crash-7.2.8/cmdline.c:446:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%s%s",
data/crash-7.2.8/cmdline.c:524:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(p)) {
data/crash-7.2.8/cmdline.c:588:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(p)) {
data/crash-7.2.8/cmdline.c:626:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(pc->command_line) ||
data/crash-7.2.8/cmdline.c:731:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pc->pipe_pid || strlen(pc->pipe_command)) {
data/crash-7.2.8/cmdline.c:907:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(pc->pipe_pid || strlen(pc->pipe_command)) &&
data/crash-7.2.8/cmdline.c:976:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(orig_prompt = (char *)malloc(strlen(pc->program_name)+3)))
data/crash-7.2.8/cmdline.c:1331:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, interp, 2) != 2) {
data/crash-7.2.8/cmdline.c:1429:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(pc->runtime_ifile_cmd))
data/crash-7.2.8/cmdline.c:1594:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(pc->command_line))
data/crash-7.2.8/cmdline.c:1630:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(remainder)+strlen(pc->command_line)) < BUFSIZE)
data/crash-7.2.8/cmdline.c:1630:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(remainder)+strlen(pc->command_line)) < BUFSIZE)
data/crash-7.2.8/cmdline.c:1634:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(pc->command_line) >= (BUFSIZE-1))
data/crash-7.2.8/cmdline.c:1746:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > precision)
data/crash-7.2.8/cmdline.c:1747:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
precision = strlen(buf);
data/crash-7.2.8/cmdline.c:1751:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > precision)
data/crash-7.2.8/cmdline.c:1752:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
precision = strlen(buf);
data/crash-7.2.8/cmdline.c:1786:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pad_line(fp, precision-strlen(buf), ' ');
data/crash-7.2.8/cmdline.c:1834:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(args[2])) {
data/crash-7.2.8/cmdline.c:1855:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(args[i]);
data/crash-7.2.8/cmdline.c:2097:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pc->my_tty, "?");
data/crash-7.2.8/cmdline.c:2106:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(pc->my_tty, strip_line_end(&buf[strlen("/dev/")]));
data/crash-7.2.8/cmdline.c:2125:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arglist[5]) < 9)
data/crash-7.2.8/cmdline.c:2128:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pc->my_tty, arglist[5], 9);
data/crash-7.2.8/cmdline.c:2150:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pc->pipe_command))
data/crash-7.2.8/cmdline.c:2385:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aif->fileptr = GETBUF(strlen(fileptr)+1);
data/crash-7.2.8/cmdline.c:2398:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[c]) > 1) {
data/crash-7.2.8/cmdline.c:2417:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aif->fileptr = GETBUF(strlen(fileptr)+1);
data/crash-7.2.8/cmdline.c:2475:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aif->fileptr = GETBUF(strlen(fileptr)+1);
data/crash-7.2.8/cmdline.c:2504:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = GETBUF(strlen(aif_args[aif->index]) + strlen(inbuf));
data/crash-7.2.8/cmdline.c:2504:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = GETBUF(strlen(aif_args[aif->index]) + strlen(inbuf));
data/crash-7.2.8/cmdline.c:2546:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
save_args[i+1] = save_args[i] + strlen(save_args[i]) + 2;
data/crash-7.2.8/cmdline.c:2551:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buf) == 0) || (buf[0] == '#'))
data/crash-7.2.8/configure.c:328:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&sp->GDB[strlen("GDB=")]);
data/crash-7.2.8/configure.c:532:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "PROGRAM=", strlen("PROGRAM=")) == 0) {
data/crash-7.2.8/configure.c:537:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(target_data.program, "D");
data/crash-7.2.8/configure.c:554:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/configure.c:565:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(target_data.release))
data/crash-7.2.8/configure.c:579:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("#define BASELEVEL_REVISION")) == 0) {
data/crash-7.2.8/configure.c:582:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen(p)-1] = '\0';
data/crash-7.2.8/configure.c:639:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(target_data.program)) {
data/crash-7.2.8/configure.c:640:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (strlen("TARGET")-strlen(target_data.program));
data/crash-7.2.8/configure.c:640:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (strlen("TARGET")-strlen(target_data.program));
data/crash-7.2.8/configure.c:644:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(target_data.release))
data/crash-7.2.8/configure.c:650:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(target_data.gdb_version))
data/crash-7.2.8/configure.c:759:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "TARGET=", strlen("TARGET=")) == 0)
data/crash-7.2.8/configure.c:762:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("TARGET_CFLAGS=")) == 0)
data/crash-7.2.8/configure.c:766:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("GDB_CONF_FLAGS=")) == 0)
data/crash-7.2.8/configure.c:768:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_FILES=",strlen("GDB_FILES=")) == 0)
data/crash-7.2.8/configure.c:770:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_OFILES=",strlen("GDB_OFILES=")) == 0)
data/crash-7.2.8/configure.c:772:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_PATCH_FILES=",strlen("GDB_PATCH_FILES=")) == 0)
data/crash-7.2.8/configure.c:774:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_FLAGS=",strlen("GDB_FLAGS=")) == 0)
data/crash-7.2.8/configure.c:776:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GPL_FILES=", strlen("GPL_FILES=")) == 0)
data/crash-7.2.8/configure.c:779:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB=", strlen("GDB=")) == 0) {
data/crash-7.2.8/configure.c:782:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(buf, "LDFLAGS=", strlen("LDFLAGS=")) == 0) {
data/crash-7.2.8/configure.c:791:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
make_build_data(&target[strlen("TARGET=")]);
data/crash-7.2.8/configure.c:810:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&gdb_version[strlen("gdb-")]);
data/crash-7.2.8/configure.c:816:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, gdb_files, strlen(gdb_files)) == 0)
data/crash-7.2.8/configure.c:818:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "GDB_FILES=", strlen("GDB_FILES=")) == 0)
data/crash-7.2.8/configure.c:820:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "VERSION=", strlen("VERSION=")) == 0)
data/crash-7.2.8/configure.c:823:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_PATCH_FILES=", strlen("GDB_PATCH_FILES=")) == 0)
data/crash-7.2.8/configure.c:825:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GPL_FILES=", strlen("GPL_FILES=")) == 0)
data/crash-7.2.8/configure.c:866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(++p))
data/crash-7.2.8/configure.c:918:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "GDB=", strlen("GDB=")) == 0)
data/crash-7.2.8/configure.c:937:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "TARGET=", strlen("TARGET=")) == 0)
data/crash-7.2.8/configure.c:940:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("TARGET_CFLAGS=")) == 0)
data/crash-7.2.8/configure.c:943:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("GDB_CONF_FLAGS=")) == 0)
data/crash-7.2.8/configure.c:945:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_FILES=",strlen("GDB_FILES=")) == 0)
data/crash-7.2.8/configure.c:947:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_OFILES=",strlen("GDB_OFILES=")) == 0)
data/crash-7.2.8/configure.c:949:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_PATCH_FILES=",strlen("GDB_PATCH_FILES=")) == 0)
data/crash-7.2.8/configure.c:951:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB_FLAGS=",strlen("GDB_FLAGS=")) == 0)
data/crash-7.2.8/configure.c:953:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GDB=", strlen("GDB=")) == 0)
data/crash-7.2.8/configure.c:955:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "VERSION=", strlen("VERSION=")) == 0)
data/crash-7.2.8/configure.c:957:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "GPL_FILES=", strlen("GPL_FILES=")) == 0)
data/crash-7.2.8/configure.c:959:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "LDFLAGS=", strlen("LDFLAGS=")) == 0)
data/crash-7.2.8/configure.c:962:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("WARNING_ERROR=")) == 0) {
data/crash-7.2.8/configure.c:967:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("WARNING_OPTIONS=")) == 0) {
data/crash-7.2.8/configure.c:988:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("#WARNING_ERROR=")) == 0) {
data/crash-7.2.8/configure.c:1001:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("WARNING_ERROR=")) == 0) {
data/crash-7.2.8/configure.c:1015:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("#WARNING_OPTIONS=")) == 0) {
data/crash-7.2.8/configure.c:1028:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("WARNING_OPTIONS=")) == 0) {
data/crash-7.2.8/configure.c:1090:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LASTCHAR(s) (s[strlen(s)-1])
data/crash-7.2.8/configure.c:1097:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/configure.c:1158:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
origlen = strlen(s);
data/crash-7.2.8/configure.c:1173:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
origlen = strlen(s);
data/crash-7.2.8/configure.c:1189:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/configure.c:1206:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/configure.c:1209:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = &line[strlen(line)-1];
data/crash-7.2.8/configure.c:1290:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(hostname))
data/crash-7.2.8/configure.c:1527:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&sp->GDB[strlen("GDB=")]);
data/crash-7.2.8/configure.c:1531:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_exists(&sp->GDB[strlen("GDB=")])) {
data/crash-7.2.8/configure.c:1554:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, "X86_64", strlen("X86_64")) == 0)
data/crash-7.2.8/configure.c:1556:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "X86", strlen("X86")) == 0)
data/crash-7.2.8/configure.c:1558:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "ALPHA", strlen("ALPHA")) == 0)
data/crash-7.2.8/configure.c:1560:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "PPC64", strlen("PPC64")) == 0)
data/crash-7.2.8/configure.c:1562:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "PPC", strlen("PPC")) == 0)
data/crash-7.2.8/configure.c:1564:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "IA64", strlen("IA64")) == 0)
data/crash-7.2.8/configure.c:1566:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "S390X", strlen("S390X")) == 0)
data/crash-7.2.8/configure.c:1568:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "S390", strlen("S390")) == 0)
data/crash-7.2.8/configure.c:1570:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "ARM64", strlen("ARM64")) == 0)
data/crash-7.2.8/configure.c:1572:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "ARM", strlen("ARM")) == 0)
data/crash-7.2.8/configure.c:1574:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "MIPS", strlen("MIPS")) == 0)
data/crash-7.2.8/configure.c:1576:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(buf, "SPARC64", strlen("SPARC64")) == 0)
data/crash-7.2.8/configure.c:1605:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(name, "X86_64", strlen("X86_64")) == 0)
data/crash-7.2.8/configure.c:1607:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "x86_64", strlen("x86_64")) == 0)
data/crash-7.2.8/configure.c:1609:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "X86", strlen("X86")) == 0)
data/crash-7.2.8/configure.c:1611:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "x86", strlen("x86")) == 0)
data/crash-7.2.8/configure.c:1613:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ALPHA", strlen("ALPHA")) == 0)
data/crash-7.2.8/configure.c:1615:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "alpha", strlen("alpha")) == 0)
data/crash-7.2.8/configure.c:1617:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "PPC64", strlen("PPC64")) == 0)
data/crash-7.2.8/configure.c:1619:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ppc64", strlen("ppc64")) == 0)
data/crash-7.2.8/configure.c:1621:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ppc64le", strlen("ppc64le")) == 0)
data/crash-7.2.8/configure.c:1623:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "PPC64LE", strlen("PPC64LE")) == 0)
data/crash-7.2.8/configure.c:1625:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "PPC", strlen("PPC")) == 0)
data/crash-7.2.8/configure.c:1627:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ppc", strlen("ppc")) == 0)
data/crash-7.2.8/configure.c:1629:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "IA64", strlen("IA64")) == 0)
data/crash-7.2.8/configure.c:1631:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ia64", strlen("ia64")) == 0)
data/crash-7.2.8/configure.c:1633:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "S390X", strlen("S390X")) == 0)
data/crash-7.2.8/configure.c:1635:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "s390x", strlen("s390x")) == 0)
data/crash-7.2.8/configure.c:1637:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "S390", strlen("S390")) == 0)
data/crash-7.2.8/configure.c:1639:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "s390", strlen("s390")) == 0)
data/crash-7.2.8/configure.c:1641:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ARM64", strlen("ARM64")) == 0)
data/crash-7.2.8/configure.c:1643:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "arm64", strlen("arm64")) == 0)
data/crash-7.2.8/configure.c:1645:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "aarch64", strlen("aarch64")) == 0)
data/crash-7.2.8/configure.c:1647:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "ARM", strlen("ARM")) == 0)
data/crash-7.2.8/configure.c:1649:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "arm", strlen("arm")) == 0)
data/crash-7.2.8/configure.c:1651:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "mips", strlen("mips")) == 0)
data/crash-7.2.8/configure.c:1653:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "MIPS", strlen("MIPS")) == 0)
data/crash-7.2.8/configure.c:1655:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(name, "sparc64", strlen("sparc64")) == 0)
data/crash-7.2.8/configure.c:1687:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(inbuf)) {
data/crash-7.2.8/configure.c:1688:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/configure.c:1689:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/crash-7.2.8/configure.c:1696:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/defs.h:170:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strncmp((char *)(A), (char *)(B), strlen((char *)(B))) == 0))
data/crash-7.2.8/defs.h:175:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LASTCHAR(s) (s[strlen(s)-1])
data/crash-7.2.8/defs.h:2649:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((name[0] ^ (name[strlen(name)-1] * name[strlen(name)/2])) % SYMNAME_HASH)
data/crash-7.2.8/defs.h:2649:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((name[0] ^ (name[strlen(name)-1] * name[strlen(name)/2])) % SYMNAME_HASH)
data/crash-7.2.8/dev.c:259:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ? " " : " ",
data/crash-7.2.8/dev.c:263:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/dev.c:335:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ? " " : " ",
data/crash-7.2.8/dev.c:339:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf2))
data/crash-7.2.8/dev.c:407:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ?
data/crash-7.2.8/dev.c:411:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf2))
data/crash-7.2.8/dev.c:532:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ? " " : " ",
data/crash-7.2.8/dev.c:537:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/dev.c:615:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, gendisk_buf + OFFSET(gendisk_disk_name), 32);
data/crash-7.2.8/dev.c:650:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, blk_major_name_buf +
data/crash-7.2.8/dev.c:661:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%-12s ", strlen(buf) ? buf : "(unknown)");
data/crash-7.2.8/dev.c:664:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ? " " : " ",
data/crash-7.2.8/dev.c:668:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/dev.c:680:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, blk_major_name_buf +
data/crash-7.2.8/dev.c:691:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%-12s ", strlen(buf) ? buf : "(unknown)");
data/crash-7.2.8/dev.c:694:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ?
data/crash-7.2.8/dev.c:698:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/dev.c:745:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, blk_major_name_buf +
data/crash-7.2.8/dev.c:758:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf) ? buf : "(unknown)");
data/crash-7.2.8/dev.c:765:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%-13s ", strlen(buf) ? buf : "(unknown)");
data/crash-7.2.8/dev.c:767:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OPERATIONS") < VADDR_PRLEN ? " " : " ",
data/crash-7.2.8/dev.c:771:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/dev.c:911:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wrap + strlen(buf1) <= 80)
data/crash-7.2.8/dev.c:914:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wrap + strlen(buf1) - 80;
data/crash-7.2.8/dev.c:915:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (c = 0, p1 = &buf1[strlen(buf1)-1];
data/crash-7.2.8/dev.c:1004:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wrap + strlen(buf1) <= 80)
data/crash-7.2.8/dev.c:1007:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wrap + strlen(buf1) - 80;
data/crash-7.2.8/dev.c:1008:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (c = 0, p1 = &buf1[strlen(buf1)-1];
data/crash-7.2.8/dev.c:2433:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00:00.0"), CENTER, "DO:BU:SL.FN"),
data/crash-7.2.8/dev.c:2434:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("0000") + 2, CENTER, "CLASS"),
data/crash-7.2.8/dev.c:2435:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("0000:0000"), CENTER, "PCI_ID"),
data/crash-7.2.8/dev.c:2440:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00:00.0"), CENTER, "DO:BU:SL.FN"),
data/crash-7.2.8/dev.c:2441:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("0000") + 2, CENTER, "CLASS"),
data/crash-7.2.8/dev.c:2442:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("0000:0000"), CENTER, "PCI_ID"));
data/crash-7.2.8/dev.c:2456:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00:00.0"), CENTER, name),
data/crash-7.2.8/dev.c:2457:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("0000") + 2, CENTER, class),
data/crash-7.2.8/dev.c:2458:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("0000:0000"), CENTER, id),
data/crash-7.2.8/dev.c:2480:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00:00.0"), CENTER, name),
data/crash-7.2.8/dev.c:2481:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("0000") + 2, CENTER, class),
data/crash-7.2.8/dev.c:2482:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("0000:0000"), CENTER, id),
data/crash-7.2.8/dev.c:2568:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00"), CENTER, "BUSNAME"));
data/crash-7.2.8/dev.c:2576:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("0000:00"), CENTER, name));
data/crash-7.2.8/dev.c:3980:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(name, *p, strlen(*p)) == 0)
data/crash-7.2.8/dev.c:3989:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/crash-7.2.8/dev.c:4250:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mq_count[0] += tmp.read;
data/crash-7.2.8/dev.c:4472:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(char *)(unsigned long)io.read),
data/crash-7.2.8/diskdump.c:548:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, header, block_size) < block_size) {
data/crash-7.2.8/diskdump.c:645:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, sub_header, block_size) < block_size) {
data/crash-7.2.8/diskdump.c:672:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, sub_header_kdump, block_size) < block_size) {
data/crash-7.2.8/diskdump.c:728:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(dd->dfd, bufptr, len);
data/crash-7.2.8/diskdump.c:818:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, dd->notes_buf, size) < size) {
data/crash-7.2.8/diskdump.c:1134:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, &pd, sizeof(pd)) != sizeof(pd))
data/crash-7.2.8/diskdump.c:1163:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, dd->compressed_page, pd.size) != pd.size)
data/crash-7.2.8/diskdump.c:1607:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, buf, size_vmcoreinfo) < size_vmcoreinfo) {
data/crash-7.2.8/diskdump.c:1651:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, buf, size_eraseinfo) < size_eraseinfo) {
data/crash-7.2.8/diskdump.c:2231:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dd->dfd, buf, size_vmcoreinfo) < size_vmcoreinfo) {
data/crash-7.2.8/diskdump.c:2240:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = p1 + strlen(keybuf);
data/crash-7.2.8/diskdump.c:2244:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value_string, p2, value_length);
data/crash-7.2.8/diskdump.c:2574:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%s ", mkstring(buf, strlen("INDEX"), LJUST, "INDEX"));
data/crash-7.2.8/diskdump.c:2580:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%s ", mkstring(buf, strlen("INDEX"), CENTER | INT_DEC, MKSTR(i)));
data/crash-7.2.8/extensions.c:164:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ext->filename) > longest)
data/crash-7.2.8/extensions.c:165:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
longest = strlen(ext->filename);
data/crash-7.2.8/extensions.c:170:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
longest = MAX(longest, strlen("SHARED OBJECT"));
data/crash-7.2.8/extensions.c:199:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
env_len = strlen(env)+1;
data/crash-7.2.8/extensions.c:203:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = sizeof(struct extension_table) + strlen(lib) +
data/crash-7.2.8/extensions.c:204:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(env_len, strlen("/usr/lib64/crash/extensions/")) + 1;
data/crash-7.2.8/extensions/snap.c:396:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
note->n_namesz = strlen(name);
data/crash-7.2.8/extensions/trace.c:75:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static int koffset(buffer_page, read);
data/crash-7.2.8/extensions/trace.c:235:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
init_offset(buffer_page, read);
data/crash-7.2.8/extensions/trace.c:288:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
print_offset(buffer_page, read);
data/crash-7.2.8/extensions/trace.c:1625:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(sp->name, "_MODULE_", strlen("_MODULE_")))
data/crash-7.2.8/extensions/trace.c:1979:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(TRACE_CMD_FILE_VERSION_STRING) + 1))
data/crash-7.2.8/extensions/trace.c:2183:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(event_types[i]->system) + 1))
data/crash-7.2.8/extensions/trace.c:2209:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(sp->name, "_MODULE_", strlen("_MODULE_")))
data/crash-7.2.8/extensions/trace.c:2393:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_size = strlen(name) + 1; /* Name length + '\0' */
data/crash-7.2.8/filesys.c:276:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(kt->proc_version))
data/crash-7.2.8/filesys.c:289:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pc->namelist) > 39 ? "\n " : " ");
data/crash-7.2.8/filesys.c:300:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:391:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/filesys.c:417:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/filesys.c:429:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/filesys.c:441:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/filesys.c:453:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/filesys.c:494:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:495:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = &buf[strlen(buf)];
data/crash-7.2.8/filesys.c:515:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:516:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = &buf[strlen(buf)];
data/crash-7.2.8/filesys.c:536:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:537:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = &buf[strlen(buf)];
data/crash-7.2.8/filesys.c:544:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:545:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = &buf[strlen(buf)];
data/crash-7.2.8/filesys.c:565:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &kt->proc_version[strlen("Linux version ")];
data/crash-7.2.8/filesys.c:566:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = &buf[strlen(buf)];
data/crash-7.2.8/filesys.c:654:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(kernel)+1)) == NULL)
data/crash-7.2.8/filesys.c:727:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(arglist[1])*2))) {
data/crash-7.2.8/filesys.c:772:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(kt->proc_version)) /* been here, done that... */
data/crash-7.2.8/filesys.c:865:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(system_map)+1)) == NULL)
data/crash-7.2.8/filesys.c:904:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(new_utsname.release) > 4) &&
data/crash-7.2.8/filesys.c:905:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(new_utsname.version) > 27)) {
data/crash-7.2.8/filesys.c:949:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &tmp, sizeof(tmp)) != sizeof(tmp)) {
data/crash-7.2.8/filesys.c:976:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((cnt = read(fd, buf, MIN_PAGE_SIZE)) > 0) {
data/crash-7.2.8/filesys.c:993:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!file || !strlen(file))
data/crash-7.2.8/filesys.c:1048:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retbuf = GETBUF(strlen(buf)+1);
data/crash-7.2.8/filesys.c:1054:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retbuf = GETBUF(strlen(buf)+1);
data/crash-7.2.8/filesys.c:1415:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
devlen = strlen("DEVNAME")+2;
data/crash-7.2.8/filesys.c:1417:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(mount_hdr)) {
data/crash-7.2.8/filesys.c:1422:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("rootfs"), LJUST, "TYPE"),
data/crash-7.2.8/filesys.c:1516:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((strlen(buf1) > 17) && (buf1[strlen(buf1)-2] == ' '))
data/crash-7.2.8/filesys.c:1516:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((strlen(buf1) > 17) && (buf1[strlen(buf1)-2] == ' '))
data/crash-7.2.8/filesys.c:2209:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("NRPAGES"),
data/crash-7.2.8/filesys.c:2432:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(VADDR_PRLEN, strlen("I_MAPPING")),
data/crash-7.2.8/filesys.c:2771:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(nlm_files_header)) {
data/crash-7.2.8/filesys.c:2999:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(VADDR_PRLEN, strlen("I_MAPPING")),
data/crash-7.2.8/filesys.c:3003:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("NRPAGES"),
data/crash-7.2.8/filesys.c:3120:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmpname, pathname, BUFSIZE-1);
data/crash-7.2.8/filesys.c:3121:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmpname) + d_name_len < BUFSIZE) {
data/crash-7.2.8/filesys.c:3132:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pathname, buf, BUFSIZE);
data/crash-7.2.8/filesys.c:3203:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dentry_buf + OFFSET(dentry_d_iname)) == d_name_len)
data/crash-7.2.8/filesys.c:3416:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(spec_string);
data/crash-7.2.8/filesys.c:3516:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = strstr(buf, "PID: ") + strlen("PID: ");
data/crash-7.2.8/filesys.c:3523:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = strstr(buf, "TASK: ") + strlen("TASK: ");
data/crash-7.2.8/filesys.c:3533:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = strstr(buf, "COMMAND: ") + strlen("COMMAND: ");
data/crash-7.2.8/filesys.c:3534:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(command, p, 16);
data/crash-7.2.8/filesys.c:3535:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(command) - 1;
data/crash-7.2.8/filesys.c:4362:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(vfsmount_devname(vfsmnt, buf1, BUFSIZE)))
data/crash-7.2.8/filesys.c:4378:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(vfsmount_devname(mnt_parent, buf2, BUFSIZE)))
data/crash-7.2.8/gdb_interface.c:667:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req->buf = GETBUF(strlen(args[0])+1);
data/crash-7.2.8/gdb_interface.c:736:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newline = space(strlen(pc->program_name)+2);
data/crash-7.2.8/gdb_interface.c:750:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(strlen(pc->curcmd)+2), kt->flags2 & KASLR ? " by KASLR" : "");
data/crash-7.2.8/gdb_interface.c:764:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = p1 + strlen(args[argcnt-1]);
data/crash-7.2.8/gdb_interface.c:959:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf2, "\n");
data/crash-7.2.8/ia64.c:333:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("phys_start=");
data/crash-7.2.8/ia64.c:334:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/ia64.c:346:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("init_stack_size=");
data/crash-7.2.8/ia64.c:347:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/ia64.c:361:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("vm=");
data/crash-7.2.8/ia64.c:362:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/ia64.c:731:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name))
data/crash-7.2.8/ia64.c:1265:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ia64.c:1265:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ia64.c:1273:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ia64.c:1273:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ia64.c:1274:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ia64.c:1274:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ia64.c:1291:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ia64.c:1291:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ia64.c:3418:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &buf1[strlen(buf1)];
data/crash-7.2.8/ia64.c:3428:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1) >= 80)
data/crash-7.2.8/ia64.c:3516:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/kaslr_helper.c:139:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen("elfcorehdr=");
data/crash-7.2.8/kaslr_helper.c:309:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*phys_base = strtoull(pos + strlen("NUMBER(phys_base)="), NULL, 0);
data/crash-7.2.8/kaslr_helper.c:315:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*kaslr_offset = strtoull(pos + strlen("KERNELOFFSET="), NULL, 16);
data/crash-7.2.8/kernel.c:262:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, kt->utsname.release, 65);
data/crash-7.2.8/kernel.c:956:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(strlen("possible")-strlen(mapinfo[m].name)),
data/crash-7.2.8/kernel.c:956:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(strlen("possible")-strlen(mapinfo[m].name)),
data/crash-7.2.8/kernel.c:1059:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(kt->proc_version);
data/crash-7.2.8/kernel.c:1098:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("gcc version ");
data/crash-7.2.8/kernel.c:1157:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(strlen(pc->program_name)+2),
data/crash-7.2.8/kernel.c:1304:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(kt->utsname.version))
data/crash-7.2.8/kernel.c:1338:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("(gcc version ");
data/crash-7.2.8/kernel.c:1350:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("(gcc version ");
data/crash-7.2.8/kernel.c:1412:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buffer5) > 48 ? "\n " : "", buffer5);
data/crash-7.2.8/kernel.c:3823:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(module_name) < MAX_MOD_NAME)
data/crash-7.2.8/kernel.c:3826:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, module_name,
data/crash-7.2.8/kernel.c:3968:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) == VADDR_PRLEN)) {
data/crash-7.2.8/kernel.c:4006:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) == VADDR_PRLEN)) {
data/crash-7.2.8/kernel.c:4127:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
treebuf = GETBUF(strlen(module) + strlen("/usr/lib/debug") +
data/crash-7.2.8/kernel.c:4127:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
treebuf = GETBUF(strlen(module) + strlen("/usr/lib/debug") +
data/crash-7.2.8/kernel.c:4128:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(".debug") + 1);
data/crash-7.2.8/kernel.c:4131:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
shift_string_right(p1, strlen("/usr/lib/debug"));
data/crash-7.2.8/kernel.c:4132:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY("/usr/lib/debug", p1, strlen("/usr/lib/debug"));
data/crash-7.2.8/kernel.c:4185:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxnamelen = strlen(lm->mod_name) > maxnamelen ?
data/crash-7.2.8/kernel.c:4186:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lm->mod_name) : maxnamelen;
data/crash-7.2.8/kernel.c:4303:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxnamelen = strlen(lm->mod_name) > maxnamelen ?
data/crash-7.2.8/kernel.c:4304:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lm->mod_name) : maxnamelen;
data/crash-7.2.8/kernel.c:4422:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxnamelen = strlen(lm->mod_name) > maxnamelen ?
data/crash-7.2.8/kernel.c:4423:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lm->mod_name) : maxnamelen;
data/crash-7.2.8/kernel.c:4426:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxsizelen = strlen(buf1) > maxsizelen ?
data/crash-7.2.8/kernel.c:4427:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf1) : maxsizelen;
data/crash-7.2.8/kernel.c:4450:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lm->mod_namelist))
data/crash-7.2.8/kernel.c:4536:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lm->mod_namelist)) {
data/crash-7.2.8/kernel.c:4621:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retbuf = GETBUF(strlen(file)+1);
data/crash-7.2.8/kernel.c:4653:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 += strlen(file);
data/crash-7.2.8/kernel.c:4655:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, p1, p2-p1);
data/crash-7.2.8/kernel.c:4663:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retbuf = GETBUF(strlen(buf)+1);
data/crash-7.2.8/kernel.c:4692:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lm->mod_namelist)) {
data/crash-7.2.8/kernel.c:4838:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmpref, modref, BUFSIZE-1);
data/crash-7.2.8/kernel.c:5158:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ilen = strlen(buf);
data/crash-7.2.8/kernel.c:5164:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ilen += strlen(buf);
data/crash-7.2.8/kernel.c:5601:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(arglist[2])+3)))
data/crash-7.2.8/kernel.c:5759:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value_to_symstr(*sct, buf1, 0)))
data/crash-7.2.8/kernel.c:5791:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = buf1 + strlen(buf2);
data/crash-7.2.8/kernel.c:5793:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf1) ? ".." : "", p);
data/crash-7.2.8/kernel.c:7010:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(VADDR_PRLEN, strlen("IRQ_DESC/_DATA")),
data/crash-7.2.8/kernel.c:7013:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(VADDR_PRLEN, strlen("IRQ_DESC/_DATA")),
data/crash-7.2.8/kernel.c:7019:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf1, MAX(VADDR_PRLEN, strlen("IRQACTION")),
data/crash-7.2.8/kernel.c:7021:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(VADDR_PRLEN, strlen("IRQACTION")),
data/crash-7.2.8/kernel.c:7037:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("IRQ_DESC/_DATA")) + 2));
data/crash-7.2.8/kernel.c:7100:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name_buf) != 0)
data/crash-7.2.8/kernel.c:7101:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name_buf, ",");
data/crash-7.2.8/kernel.c:7240:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name_buf) != 0)
data/crash-7.2.8/kernel.c:7241:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name_buf, ",");
data/crash-7.2.8/kernel.c:7777:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/crash-7.2.8/kernel.c:7787:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/crash-7.2.8/kernel.c:8035:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8035:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8041:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8041:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8164:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8164:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8171:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8171:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8187:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(VADDR_PRLEN, strlen("TIMER_LIST")),
data/crash-7.2.8/kernel.c:8327:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8327:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8334:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8334:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8350:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(VADDR_PRLEN, strlen("TIMER_LIST")),
data/crash-7.2.8/kernel.c:8483:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8483:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:8490:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8490:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:8506:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(VADDR_PRLEN, strlen("TIMER_LIST")),
data/crash-7.2.8/kernel.c:9019:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:9019:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(strlen(buf1), strlen("JIFFIES"));
data/crash-7.2.8/kernel.c:9091:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:9091:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = MAX(strlen(buf4) + 1, strlen("TTE"));
data/crash-7.2.8/kernel.c:9967:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, (void*)p2m_buf, p2m_buf_size) != p2m_buf_size)
data/crash-7.2.8/kernel.c:10217:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(name, "CONFIG_", strlen("CONFIG_")))
data/crash-7.2.8/kernel.c:10315:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = strlen(MAGIC_END);
data/crash-7.2.8/kernel.c:11204:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(arglist[0]);
data/crash-7.2.8/kernel.c:11226:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(maxlen - strlen(arglist[0])), arglist[0], buf2);
data/crash-7.2.8/kernel.c:11421:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = p1 + strlen(keybuf);
data/crash-7.2.8/kernel.c:11425:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value_string, p2, value_length);
data/crash-7.2.8/kvmdump.c:55:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->vmfd, buf, CHKSUM_SIZE) != CHKSUM_SIZE) {
data/crash-7.2.8/kvmdump.c:69:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->vmfd, &trailer, sizeof(trailer)) != sizeof(trailer)) {
data/crash-7.2.8/kvmdump.c:321:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, &trailer, sizeof(trailer)) != sizeof(trailer))
data/crash-7.2.8/kvmdump.c:556:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->vmfd, pgc->bufptr, page_size) != page_size) {
data/crash-7.2.8/kvmdump.c:648:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, entry_ptr, sizeof(off_t)) != sizeof(off_t)) {
data/crash-7.2.8/kvmdump.c:691:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((n = read(kvm->mapfd, buf, 4096)) > 0) {
data/crash-7.2.8/kvmdump.c:758:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((n = read(kvm->mapfd, buf, 4096)) > 0) {
data/crash-7.2.8/kvmdump.c:816:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &trailer, sizeof(trailer)) != sizeof(trailer)) {
data/crash-7.2.8/kvmdump.c:844:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(filename = malloc(strlen(pc->dumpfile) + strlen(".map") + 10)))
data/crash-7.2.8/kvmdump.c:844:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(filename = malloc(strlen(pc->dumpfile) + strlen(".map") + 10)))
data/crash-7.2.8/kvmdump.c:902:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mapfile = GETBUF(strlen(pc->dumpfile)+10);
data/crash-7.2.8/kvmdump.c:994:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, &trailer, sizeof(trailer)) != sizeof(trailer))
data/crash-7.2.8/kvmdump.c:1025:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, &ncpus, sizeof(uint64_t)) != sizeof(uint64_t))
data/crash-7.2.8/kvmdump.c:1029:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, &magic, sizeof(uint64_t)) != sizeof(uint64_t))
data/crash-7.2.8/kvmdump.c:1044:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(kvm->mapfd, &kvm->registers[0], regs_size) != regs_size)
data/crash-7.2.8/lkcd_common.c:144:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(lkcd->panic_string = (char *)malloc(strlen(buf)+1))) {
data/crash-7.2.8/lkcd_common.c:176:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(tmpfd, &magic, sizeof(uint64_t)) != sizeof(uint64_t)) {
data/crash-7.2.8/lkcd_common.c:180:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(tmpfd, &version, sizeof(uint32_t)) != sizeof(uint32_t)) {
data/crash-7.2.8/lkcd_common.c:538:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/lkcd_common.c:1064:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read(lkcd->fd, lkcd->compressed_page, lkcd->get_dp_size());
data/crash-7.2.8/lkcd_common.c:1111:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read(lkcd->fd, lkcd->page_cache_hdr[i].pg_bufptr,
data/crash-7.2.8/lkcd_common.c:1290:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fmt || !strlen(fmt))
data/crash-7.2.8/lkcd_common.c:1321:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_fix_mem.c:42:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dha, sizeof(dump_header_asm_t)) !=
data/crash-7.2.8/lkcd_v1.c:47:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dh, sizeof(dump_header_t)) !=
data/crash-7.2.8/lkcd_v2_v3.c:51:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dh, sizeof(dump_header_t)) !=
data/crash-7.2.8/lkcd_v2_v3.c:58:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dha, sizeof(dump_header_asm_t)) !=
data/crash-7.2.8/lkcd_v2_v3.c:445:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, page_headers, MCLX_V1_PAGE_HEADER_CACHE) !=
data/crash-7.2.8/lkcd_v2_v3.c:457:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_v2_v3.c:465:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_v5.c:47:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dh, sizeof(dump_header_t)) !=
data/crash-7.2.8/lkcd_v5.c:385:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, page_headers, MCLX_V1_PAGE_HEADER_CACHE) !=
data/crash-7.2.8/lkcd_v5.c:397:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_v5.c:405:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size)
data/crash-7.2.8/lkcd_v7.c:53:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dh, sizeof(dump_header_t)) !=
data/crash-7.2.8/lkcd_v7.c:462:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, page_headers, MCLX_V1_PAGE_HEADER_CACHE) !=
data/crash-7.2.8/lkcd_v7.c:474:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_v7.c:482:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size)
data/crash-7.2.8/lkcd_v8.c:109:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret_sz = read(lkcd->fd, (char *)&hdr_size, sizeof(hdr_size));
data/crash-7.2.8/lkcd_v8.c:127:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret_sz = read(lkcd->fd, (char *)hdr_buf, hdr_size);
data/crash-7.2.8/lkcd_v8.c:234:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dh, sizeof(dump_header_t)) !=
data/crash-7.2.8/lkcd_v8.c:238:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, &dh_dump_buffer_size, sizeof(dh_dump_buffer_size)) !=
data/crash-7.2.8/lkcd_v8.c:664:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, page_headers, MCLX_V1_PAGE_HEADER_CACHE) !=
data/crash-7.2.8/lkcd_v8.c:676:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size) !=
data/crash-7.2.8/lkcd_v8.c:684:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(lkcd->fd, dp, lkcd->page_header_size)
data/crash-7.2.8/lkcd_x86_trace.c:2776:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf1) ? buf1 : "", eip);
data/crash-7.2.8/lkcd_x86_trace.c:2783:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1))
data/crash-7.2.8/lkcd_x86_trace.c:4619:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (name_str, name, 100);
data/crash-7.2.8/lkcd_x86_trace.c:5739:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p || (strlen(op->name) >= 7)) {
data/crash-7.2.8/lkcd_x86_trace.c:5742:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (7 - strlen(op->name)); i++) {
data/crash-7.2.8/lkcd_x86_trace.c:5811:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < (10 - strlen(op_386[i].name)); j++) {
data/crash-7.2.8/lkcd_x86_trace.c:5838:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < (10 - strlen(op_386_twobyte[i].name)); j++) {
data/crash-7.2.8/main.c:1036:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, " ");
data/crash-7.2.8/main.c:1038:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/crash-7.2.8/main.c:1040:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command, "\"");
data/crash-7.2.8/main.c:1190:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pc->home = (char *)malloc(strlen(p1)+1)) == NULL) {
data/crash-7.2.8/main.c:1254:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf, "(");
data/crash-7.2.8/main.c:1256:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sRUNTIME", others++ ? "|" : "");
data/crash-7.2.8/main.c:1258:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sLIVE_SYSTEM",
data/crash-7.2.8/main.c:1261:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTTY", others++ ? "|" : "");
data/crash-7.2.8/main.c:1263:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sIN_FOREACH", others++ ? "|" : "");
data/crash-7.2.8/main.c:1265:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sMFD_RDWR", others++ ? "|" : "");
data/crash-7.2.8/main.c:1267:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sKVMDUMP", others++ ? "|" : "");
data/crash-7.2.8/main.c:1269:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sSILENT", others++ ? "|" : "");
data/crash-7.2.8/main.c:1271:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sHASH", others++ ? "|" : "");
data/crash-7.2.8/main.c:1273:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sSCROLL", others++ ? "|" : "");
data/crash-7.2.8/main.c:1275:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sNO_CONSOLE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1277:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sMCLXCD", others++ ? "|" : "");
data/crash-7.2.8/main.c:1279:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sRUNTIME_IFILE",
data/crash-7.2.8/main.c:1282:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sCMDLINE_IFILE",
data/crash-7.2.8/main.c:1285:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sDROP_CORE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1287:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sLKCD", others++ ? "|" : "");
data/crash-7.2.8/main.c:1289:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sGDB_INIT", others++ ? "|" : "");
data/crash-7.2.8/main.c:1291:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sIN_GDB", others++ ? "|" : "");
data/crash-7.2.8/main.c:1293:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sRCHOME_IFILE",
data/crash-7.2.8/main.c:1296:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sRCLOCAL_IFILE",
data/crash-7.2.8/main.c:1299:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sREADLINE", others++ ? "|" : "");
data/crash-7.2.8/main.c:1301:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1304:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sIN_RESTART", others++ ? "|" : "");
data/crash-7.2.8/main.c:1306:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1309:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1312:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1315:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1318:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1321:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1324:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1327:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1330:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1333:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1336:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1339:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1342:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1345:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1348:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1351:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1354:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1357:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1360:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1363:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1366:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1369:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1372:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1375:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1378:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1381:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1384:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1387:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1390:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1393:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1396:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1399:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1402:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1405:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1408:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1411:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1414:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1417:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1420:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1423:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1427:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/crash-7.2.8/main.c:1429:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/main.c:1430:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 46) {
data/crash-7.2.8/main.c:1433:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf2) <= 82)
data/crash-7.2.8/main.c:1436:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buf2)-1; i; i--) {
data/crash-7.2.8/main.c:1566:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf, "(");
data/crash-7.2.8/main.c:1569:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1572:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1575:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1578:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1581:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1584:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1587:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1590:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1593:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1596:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1599:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/main.c:1602:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ")");
data/crash-7.2.8/main.c:1604:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/main.c:1605:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 54)
data/crash-7.2.8/makedumpfile.c:106:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((bytes_read = read(fd, &fdh, sizeof(fdh))) != sizeof(fdh)) {
data/crash-7.2.8/makedumpfile.c:220:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &fh, sizeof(fh)) < 0) {
data/crash-7.2.8/makedumpfile.c:264:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, size) < size) {
data/crash-7.2.8/makedumpfile.c:377:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen("OSRELEASE=");
data/crash-7.2.8/memory.c:1137:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vt->paddr_prlen = strlen(buf);
data/crash-7.2.8/memory.c:1639:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen = VADDR_PRLEN + strlen(": ");
data/crash-7.2.8/memory.c:1649:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(mem.u64, buf, 0))) {
data/crash-7.2.8/memory.c:1651:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen += strlen(buf)+1;
data/crash-7.2.8/memory.c:1664:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen += strlen(buf)+1;
data/crash-7.2.8/memory.c:1685:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(mem.u32, buf, 0))) {
data/crash-7.2.8/memory.c:1688:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen += strlen(buf)+1;
data/crash-7.2.8/memory.c:1701:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen += strlen(buf)+1;
data/crash-7.2.8/memory.c:2042:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(value, buf, 0)))
data/crash-7.2.8/memory.c:2060:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(value, buf, 0)))
data/crash-7.2.8/memory.c:2411:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
readcnt = read(fd, bufptr, cnt);
data/crash-7.2.8/memory.c:2599:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, bufptr, cnt) != cnt)
data/crash-7.2.8/memory.c:2762:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(ebuf, "(");
data/crash-7.2.8/memory.c:2766:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sROE", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2768:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sFOE", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2770:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sQ", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2772:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sHB", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2774:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sRP", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2776:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&ebuf[strlen(ebuf)], "%sNDS", others++ ? "|" : "");
data/crash-7.2.8/memory.c:2778:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ebuf, ")");
data/crash-7.2.8/memory.c:2933:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
readcnt = read(pc->kfd, bufptr, cnt);
data/crash-7.2.8/memory.c:2966:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read(fd, buffer, size) != size) {
data/crash-7.2.8/memory.c:3339:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf1) + 2;
data/crash-7.2.8/memory.c:4110:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:4136:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("PHYSICAL")), RJUST|LONGLONG_HEX,
data/crash-7.2.8/memory.c:4169:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = strstr(buf4, "SWAP:") + strlen("SWAP: ");
data/crash-7.2.8/memory.c:4190:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("OFFSET: "), &offs, 0, 0);
data/crash-7.2.8/memory.c:4608:24: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
return bufferindex += sprintf(outputbuffer+bufferindex, "\n");
data/crash-7.2.8/memory.c:5416:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5424:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5433:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5441:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5452:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5462:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&hdr[strlen(hdr)], " %s",
data/crash-7.2.8/memory.c:5464:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(hdr, "\n");
data/crash-7.2.8/memory.c:5469:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5761:20: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
bufferindex += sprintf(outputbuffer+bufferindex, "\n");
data/crash-7.2.8/memory.c:5806:20: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
bufferindex += sprintf(outputbuffer+bufferindex, "\n");
data/crash-7.2.8/memory.c:5905:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5913:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5922:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5930:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5941:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:5951:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&hdr[strlen(hdr)], " %s",
data/crash-7.2.8/memory.c:5953:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(hdr, "\n");
data/crash-7.2.8/memory.c:5958:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(PADDR_PRLEN, strlen("PHYSICAL")),
data/crash-7.2.8/memory.c:6212:20: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
bufferindex += sprintf(outputbuffer+bufferindex, "\n");
data/crash-7.2.8/memory.c:6257:20: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
bufferindex += sprintf(outputbuffer+bufferindex, "\n");
data/crash-7.2.8/memory.c:6500:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(nameptr = (char *)malloc(strlen(namebuf)+1))) {
data/crash-7.2.8/memory.c:6563:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(nameptr = (char *)malloc(strlen(arglist[0])))) {
data/crash-7.2.8/memory.c:6567:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(nameptr, arglist[0] + strlen("PG_"));
data/crash-7.2.8/memory.c:6614:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%s%s",
data/crash-7.2.8/memory.c:6619:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/crash-7.2.8/memory.c:6622:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(buf));
data/crash-7.2.8/memory.c:6899:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen("FREE_AREA_STRUCT"));
data/crash-7.2.8/memory.c:7100:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen("FREE_AREA_STRUCT"));
data/crash-7.2.8/memory.c:7405:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("START_PADDR"),
data/crash-7.2.8/memory.c:7408:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("START_MAPNR"),
data/crash-7.2.8/memory.c:7506:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(last_node))
data/crash-7.2.8/memory.c:7767:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("START_PADDR"),
data/crash-7.2.8/memory.c:7770:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("START_MAPNR"),
data/crash-7.2.8/memory.c:7885:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(last_node))
data/crash-7.2.8/memory.c:7998:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("MIN/LOW/HIGH"),
data/crash-7.2.8/memory.c:8061:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen("FREE_AREA_STRUCT"));
data/crash-7.2.8/memory.c:8647:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf, MAX(strlen("VM_STRUCT"), VADDR_PRLEN),
data/crash-7.2.8/memory.c:8650:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf, (VADDR_PRLEN * 2) + strlen(" - "),
data/crash-7.2.8/memory.c:8780:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf1, MAX(strlen("VMAP_AREA"), VADDR_PRLEN),
data/crash-7.2.8/memory.c:8783:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf1, MAX(strlen("VM_STRUCT"), VADDR_PRLEN),
data/crash-7.2.8/memory.c:8786:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf1, (VADDR_PRLEN * 2) + strlen(" - "),
data/crash-7.2.8/memory.c:9461:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(slab_hdr)) {
data/crash-7.2.8/memory.c:9474:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(kmem_cache_hdr))
data/crash-7.2.8/memory.c:9479:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(free_inuse_hdr))
data/crash-7.2.8/memory.c:14440:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[optind])) {
data/crash-7.2.8/memory.c:14444:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(args[optind]);
data/crash-7.2.8/memory.c:15721:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAX(VADDR_PRLEN, strlen("SWAP_INFO_STRUCT")),
data/crash-7.2.8/memory.c:15953:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(file))
data/crash-7.2.8/memory.c:16201:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen("BOOTMEM_DATA"));
data/crash-7.2.8/memory.c:16222:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = 12 + strlen(buf1) + strlen(buf2) + strlen(buf3) +
data/crash-7.2.8/memory.c:16222:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = 12 + strlen(buf1) + strlen(buf2) + strlen(buf3) +
data/crash-7.2.8/memory.c:16222:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = 12 + strlen(buf1) + strlen(buf2) + strlen(buf3) +
data/crash-7.2.8/memory.c:16236:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen(" START_PADDR "),
data/crash-7.2.8/memory.c:16238:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("START_MAPNR"),
data/crash-7.2.8/memory.c:16246:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(buf2);
data/crash-7.2.8/memory.c:16377:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, strlen("START_PADDR"),
data/crash-7.2.8/memory.c:16379:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf3, strlen("START_MAPNR"),
data/crash-7.2.8/memory.c:17308:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf2, MAX(VADDR_PRLEN,strlen("CODED_MEM_MAP")),
data/crash-7.2.8/memory.c:17311:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("STATE"), CENTER, "STATE"));
data/crash-7.2.8/memory.c:17327:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("CODED_MEM_MAP")),
data/crash-7.2.8/memory.c:17331:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("STATE"), CENTER, statebuf),
data/crash-7.2.8/memory.c:17476:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf5, strlen("NODE"), CENTER|LONG_DEC,
data/crash-7.2.8/memory.c:17478:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf6, strlen("OFFLINE"), LJUST,
data/crash-7.2.8/memory.c:17487:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf5, strlen("OFFLINE"), LJUST,
data/crash-7.2.8/memory.c:17579:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("NODE"), CENTER, "NODE"),
data/crash-7.2.8/memory.c:17580:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf5, strlen("OFFLINE"), LJUST, "STATE"),
data/crash-7.2.8/memory.c:17587:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(buf4, strlen("OFFLINE"), LJUST, "STATE"),
data/crash-7.2.8/memory.c:17920:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringlen += strlen(arglist[0]) + 1;
data/crash-7.2.8/memory.c:17956:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start += strlen(arglist[0]) + 1;
data/crash-7.2.8/memory.c:18056:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(vt->vm_stat_items[i])) > maxlen)
data/crash-7.2.8/memory.c:18068:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(maxlen - strlen(vt->vm_stat_items[i])),
data/crash-7.2.8/memory.c:18147:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nameptr) > len)
data/crash-7.2.8/memory.c:18148:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nameptr);
data/crash-7.2.8/memory.c:18149:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameptr += strlen(nameptr)+2;
data/crash-7.2.8/memory.c:18229:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(vt->vm_event_items[i])) > maxlen)
data/crash-7.2.8/memory.c:18234:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(maxlen - strlen(vt->vm_event_items[i])),
data/crash-7.2.8/memory.c:18284:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stringlen += strlen(arglist[0]);
data/crash-7.2.8/memory.c:18311:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start += strlen(arglist[0]) + 1;
data/crash-7.2.8/memory.c:18370:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((sz = strlen(arglist[0])) > longest)
data/crash-7.2.8/memory_driver/crash.c:211:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read;
data/crash-7.2.8/memory_driver/crash.c:236:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*poff += read;
data/crash-7.2.8/memory_driver/crash.c:237:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/crash-7.2.8/mips.c:175:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/mips.c:175:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/mips.c:182:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/mips.c:182:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/mips.c:455:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/mips.c:977:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (name && strlen(name) && (machdep->flags & KSYMS_START) &&
data/crash-7.2.8/net.c:86:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(f) = malloc(strlen(s) + strlen(m) + 2); \
data/crash-7.2.8/net.c:86:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(f) = malloc(strlen(s) + strlen(m) + 2); \
data/crash-7.2.8/net.c:464:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen(net->netdevice));
data/crash-7.2.8/net.c:501:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen(net->netdevice));
data/crash-7.2.8/net.c:554:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = MAX(VADDR_PRLEN, strlen(net->netdevice));
data/crash-7.2.8/net.c:910:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos + strlen(buf2) >= buflen) {
data/crash-7.2.8/net.c:916:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(buf2, &buf[pos], strlen(buf2));
data/crash-7.2.8/net.c:917:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(buf2);
data/crash-7.2.8/net.c:1046:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "STREAM"); break;
data/crash-7.2.8/net.c:1048:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "DGRAM "); break;
data/crash-7.2.8/net.c:1050:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "RAW"); break;
data/crash-7.2.8/net.c:1052:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "RDM"); break;
data/crash-7.2.8/net.c:1054:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "SEQPACKET"); break;
data/crash-7.2.8/net.c:1056:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "PACKET"); break;
data/crash-7.2.8/net.c:1058:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%d", type); break;
data/crash-7.2.8/net.c:1063:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&buf[strlen(buf)], " ");
data/crash-7.2.8/net.c:1063:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " ");
data/crash-7.2.8/net.c:1068:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%*s-%-*d%s",
data/crash-7.2.8/net.c:1075:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%*s-%-*d%s",
data/crash-7.2.8/net.c:1083:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " %s-%d ",
data/crash-7.2.8/net.c:1087:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%s-%d",
data/crash-7.2.8/net.c:1121:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%*s ", BITS32() ? 22 : 12,
data/crash-7.2.8/net.c:1127:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%s", buf2);
data/crash-7.2.8/net.c:1148:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(buf);
data/crash-7.2.8/net.c:1174:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen=strlen(flag_buffer); \
data/crash-7.2.8/net.c:1175:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((blen + strlen(s)) < FLAGBUF_SIZE-2) { \
data/crash-7.2.8/netdump.c:145:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, size) != size) {
data/crash-7.2.8/netdump.c:503:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, shdr64, elf64->e_shentsize) !=
data/crash-7.2.8/netdump.c:536:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, header_size) != header_size) {
data/crash-7.2.8/netdump.c:586:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, header_size) != header_size) {
data/crash-7.2.8/netdump.c:616:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, header, size) != size) {
data/crash-7.2.8/netdump.c:785:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_ret = read(nd->ndfd, bufptr, cnt);
data/crash-7.2.8/netdump.c:888:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fmt || !strlen(fmt) || !VMCORE_VALID())
data/crash-7.2.8/netdump.c:1867:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t key_length = strlen(key);
data/crash-7.2.8/netdump.c:1953:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, vmcoreinfo + i + key_length + 1,
data/crash-7.2.8/netdump.c:3115:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(ofp, "%s%s", space(sp), strlen(seg_names[i]) > 2 ? "" : " ");
data/crash-7.2.8/netdump.c:3167:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(ofp, "%s%s", space(sp), strlen(seg_names[i]) > 2 ? "" : " ");
data/crash-7.2.8/netdump.c:4386:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, bufptr, readcnt) != readcnt)
data/crash-7.2.8/netdump.c:4446:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, MAX_KCORE_ELF_HEADER_SIZE) != MAX_KCORE_ELF_HEADER_SIZE) {
data/crash-7.2.8/netdump.c:4516:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, MAX_KCORE_ELF_HEADER_SIZE) != MAX_KCORE_ELF_HEADER_SIZE) {
data/crash-7.2.8/netdump.c:5238:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%s ", mkstring(buf, strlen("INDEX"), LJUST, "INDEX"));
data/crash-7.2.8/netdump.c:5246:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fprintf(fp, "%s ", mkstring(buf, strlen("INDEX"), CENTER | INT_DEC, MKSTR(i)));
data/crash-7.2.8/ppc.c:857:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/ppc.c:863:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (name && strlen(name) && (machdep->flags & KSYMS_START) &&
data/crash-7.2.8/ppc.c:919:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ppc.c:919:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ppc.c:927:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ppc.c:927:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ppc.c:928:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ppc.c:928:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ppc.c:945:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ppc.c:945:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ppc.c:1957:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/ppc.c:2004:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
note32->n_namesz != strlen("CORE") + 1 ||
data/crash-7.2.8/ppc64.c:1537:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/ppc64.c:1543:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (name && strlen(name) && (machdep->flags & KSYMS_START) &&
data/crash-7.2.8/ppc64.c:1599:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ppc64.c:1599:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/ppc64.c:1607:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ppc64.c:1607:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/ppc64.c:1608:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ppc64.c:1608:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/ppc64.c:1626:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ppc64.c:1626:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/ppc64.c:3168:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/ppc64.c:3235:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("vm=");
data/crash-7.2.8/ppc64.c:3236:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/qemu-load.c:108:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t a = getc (fp);
data/crash-7.2.8/qemu-load.c:109:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t b = getc (fp);
data/crash-7.2.8/qemu-load.c:116:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t b = getc (fp);
data/crash-7.2.8/qemu-load.c:117:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8_t a = getc (fp);
data/crash-7.2.8/qemu-load.c:204:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int sz = (uint8_t) getc (fp);
data/crash-7.2.8/qemu-load.c:272:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
entry = RAM_OFFSET_COMPRESSED | getc(fp);
data/crash-7.2.8/qemu-load.c:437:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result->bytes[9] = getc (fp);
data/crash-7.2.8/qemu-load.c:438:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result->bytes[8] = getc (fp);
data/crash-7.2.8/qemu-load.c:460:6: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getc(fp) == QEMU_VM_SECTION_FULL) {
data/crash-7.2.8/qemu-load.c:592:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx86->cr8 = getc (fp);
data/crash-7.2.8/qemu-load.c:632:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx86->kvm.soft_interrupt = getc (fp);
data/crash-7.2.8/qemu-load.c:633:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx86->kvm.nmi_injected = getc (fp);
data/crash-7.2.8/qemu-load.c:634:27: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx86->kvm.nmi_pending = getc (fp);
data/crash-7.2.8/qemu-load.c:635:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dx86->kvm.has_error_code = getc (fp);
data/crash-7.2.8/qemu-load.c:918:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
sec = getc(fp);
data/crash-7.2.8/qemu-load.c:970:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
enum qemu_save_section sec = getc (fp);
data/crash-7.2.8/qemu-load.c:1110:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(kvm->vmp);
data/crash-7.2.8/qemu-load.c:1146:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(devices->name) == sz)) {
data/crash-7.2.8/ramdump.c:138:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((rd = read(fd1, buf, CPY_BUF_SZ)) > 0) {
data/crash-7.2.8/ramdump.c:255:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/crash-7.2.8/ramdump.c:347:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(r->rfd, bufptr, cnt) != cnt) {
data/crash-7.2.8/remote.c:230:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (read(sock, recvbuf, BUFSIZE-1))
data/crash-7.2.8/remote.c:274:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:295:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
else if (read(mfd, &readbuf[DATA_HDRSIZE], len) != len)
data/crash-7.2.8/remote.c:392:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:412:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
else if (read(mfd, readbuf, len) != len)
data/crash-7.2.8/remote.c:417:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(readbuf);
data/crash-7.2.8/remote.c:431:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:459:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:483:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
console("[%s] (%d)\n", sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:485:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:551:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(readbuf, strlen(readbuf));
data/crash-7.2.8/remote.c:564:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:586:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:598:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:621:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:636:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:670:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:763:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:783:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(readbuf)) {
data/crash-7.2.8/remote.c:789:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:851:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(readbuf)) {
data/crash-7.2.8/remote.c:857:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:885:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(readbuf)) {
data/crash-7.2.8/remote.c:891:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:984:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:990:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
daemon_send(sendbuf, strlen(sendbuf));
data/crash-7.2.8/remote.c:1048:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!rc->remdebug || !fmt || !strlen(fmt))
data/crash-7.2.8/remote.c:1149:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
data/crash-7.2.8/remote.c:1180:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, magic, EI_NIDENT) != EI_NIDENT) {
data/crash-7.2.8/remote.c:1218:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > MAX_HEXADDR_STRLEN)
data/crash-7.2.8/remote.c:1411:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(dirbuf)+2)) == NULL) {
data/crash-7.2.8/remote.c:1486:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(arglist[1])*2))) {
data/crash-7.2.8/remote.c:1523:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!file || !strlen(file))
data/crash-7.2.8/remote.c:1548:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &tmp, sizeof(tmp)) != sizeof(tmp)) {
data/crash-7.2.8/remote.c:1576:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (str == NULL || strlen(str) == 0)
data/crash-7.2.8/remote.c:1655:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/remote.c:1664:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/remote.c:1672:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/remote.c:1782:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((cnt = read(fd, buf, MIN_PAGE_SIZE)) > 0) {
data/crash-7.2.8/remote.c:2221:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return remote_tcp_write(sock, pv_buffer, strlen(pv_buffer) + 1);
data/crash-7.2.8/remote.c:2736:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p1 = (char *)malloc((size_t)(strlen(buf)+1))) == NULL)
data/crash-7.2.8/remote.c:2995:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((cnt = read(pc->nfd, readbuf, READBUFSIZE)) > 0) {
data/crash-7.2.8/remote.c:3122:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("panic_task: ");
data/crash-7.2.8/remote.c:3130:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 += strlen("panicmsg: ");
data/crash-7.2.8/remote.c:3160:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("panic_task: ");
data/crash-7.2.8/remote.c:3168:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 += strlen("panicmsg: ");
data/crash-7.2.8/remote.c:3195:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("panic_task: ");
data/crash-7.2.8/remote.c:3250:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rc->remote_type, p2, sizeof(rc->remote_type) - 1);
data/crash-7.2.8/remote.c:3286:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bytes = write(pc->sockfd, sendbuf, strlen(sendbuf) + 1);
data/crash-7.2.8/remote.c:3799:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!STRNEQ(args[0], "@") || strlen(args[0]) == 1)
data/crash-7.2.8/s390.c:426:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/s390.c:432:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name) || !(machdep->flags & KSYMS_START))
data/crash-7.2.8/s390.c:446:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen(name);i++){
data/crash-7.2.8/s390.c:491:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/s390.c:491:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/s390.c:492:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/s390.c:492:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/s390.c:493:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/s390.c:493:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/s390.c:1129:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/s390dbf.c:438:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, ".");
data/crash-7.2.8/s390dbf.c:440:8: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, "\n");
data/crash-7.2.8/s390dbf.c:595:8: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, "\n");
data/crash-7.2.8/s390dbf.c:615:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, ".");
data/crash-7.2.8/s390dbf.c:619:8: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, "\n");
data/crash-7.2.8/s390dbf.c:641:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, ".");
data/crash-7.2.8/s390dbf.c:645:8: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
rc += sprintf(out_buf + rc, "\n");
data/crash-7.2.8/s390dbf.c:921:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rc->name,K_PTR(k_debug_view,"debug_view","name"),
data/crash-7.2.8/s390dbf.c:1020:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(db_info->name,K_PTR(k_dbi,"debug_info","name"),
data/crash-7.2.8/s390x.c:469:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = p1 + strlen(keybuf);
data/crash-7.2.8/s390x.c:473:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value_string, p2, value_length);
data/crash-7.2.8/s390x.c:1071:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/s390x.c:1077:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name) || !(machdep->flags & KSYMS_START))
data/crash-7.2.8/s390x.c:1091:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen(name);i++){
data/crash-7.2.8/s390x.c:1136:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/s390x.c:1136:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/s390x.c:1137:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/s390x.c:1137:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/s390x.c:1138:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/s390x.c:1138:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/s390x.c:1976:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/sadump.c:110:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(sd->dfd, buf, bytes) < bytes) {
data/crash-7.2.8/sadump.c:512:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(this_disk->dfd, ph, sd->block_size) < sd->block_size) {
data/crash-7.2.8/sadump.c:824:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(dfd, sd->page_buf, sd->block_size) != sd->block_size)
data/crash-7.2.8/sadump.c:1266:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
note64->n_namesz != strlen("CORE") + 1 ||
data/crash-7.2.8/sadump.c:1282:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(note32->n_namesz != strlen("CORE") + 1 ||
data/crash-7.2.8/sadump.c:1315:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(sd->dfd, smram, sd->smram_cpu_state_size) != sd->smram_cpu_state_size)
data/crash-7.2.8/sparc64.c:659:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/symbols.c:287:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
crc_offset = strlen (contents) + 1;
data/crash-7.2.8/symbols.c:297:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(((strlen(pc->namelist) + strlen("/.debug/") +
data/crash-7.2.8/symbols.c:297:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(((strlen(pc->namelist) + strlen("/.debug/") +
data/crash-7.2.8/symbols.c:298:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(".debug") + strlen(" /usr/lib/debug/boot/ "))*10)
data/crash-7.2.8/symbols.c:298:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(".debug") + strlen(" /usr/lib/debug/boot/ "))*10)
data/crash-7.2.8/symbols.c:299:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(pc->namelist_debug ? pc->namelist_debug : " "))) == NULL)
data/crash-7.2.8/symbols.c:303:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirname = GETBUF(strlen(pc->namelist)+1);
data/crash-7.2.8/symbols.c:306:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(dirname)-1; i >= 0; i--)
data/crash-7.2.8/symbols.c:312:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(dirname))
data/crash-7.2.8/symbols.c:313:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(dirname, ".");
data/crash-7.2.8/symbols.c:441:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((count = read(fd, buffer, sizeof(buffer))) > 0)
data/crash-7.2.8/symbols.c:1244:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("_MODULE_SECTION_START ");
data/crash-7.2.8/symbols.c:1248:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("_MODULE_SECTION_END ");
data/crash-7.2.8/symbols.c:1252:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = sp->name+strlen("_MODULE_START_");
data/crash-7.2.8/symbols.c:1256:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = sp->name+strlen("_MODULE_END_");
data/crash-7.2.8/symbols.c:1281:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = sp->name+strlen("_MODULE_INIT_START_");
data/crash-7.2.8/symbols.c:1284:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 = sp->name+strlen("_MODULE_INIT_END_");
data/crash-7.2.8/symbols.c:1434:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) < MAX_MOD_NAME)
data/crash-7.2.8/symbols.c:1505:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1)) {
data/crash-7.2.8/symbols.c:1783:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mod_name) < MAX_MOD_NAME)
data/crash-7.2.8/symbols.c:1789:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lm->mod_name, mod_name, MAX_MOD_NAME-1);
data/crash-7.2.8/symbols.c:1900:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1)) {
data/crash-7.2.8/symbols.c:1973:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1)) {
data/crash-7.2.8/symbols.c:2528:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define SMP_CLUTTER (strlen("_Rsmp_"))
data/crash-7.2.8/symbols.c:2529:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define UP_CLUTTER (strlen("_R"))
data/crash-7.2.8/symbols.c:2553:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pend = &s[strlen(s)];
data/crash-7.2.8/symbols.c:2635:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pend = &s[strlen(s)-3];
data/crash-7.2.8/symbols.c:2708:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name)+1;
data/crash-7.2.8/symbols.c:3496:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, magic, EI_NIDENT) != EI_NIDENT) {
data/crash-7.2.8/symbols.c:3527:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, BUFSIZE) != BUFSIZE) {
data/crash-7.2.8/symbols.c:3664:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, header, BUFSIZE) != BUFSIZE) {
data/crash-7.2.8/symbols.c:3725:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmpdir) + strlen(basename(file)) +
data/crash-7.2.8/symbols.c:3725:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmpdir) + strlen(basename(file)) +
data/crash-7.2.8/symbols.c:3726:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("_XXXXXX") + 2;
data/crash-7.2.8/symbols.c:3798:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, eheader, BUFSIZE) != BUFSIZE) {
data/crash-7.2.8/symbols.c:3975:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(mapitems[0]) > MAX_HEXADDR_STRLEN) ||
data/crash-7.2.8/symbols.c:3976:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!hexadecimal(mapitems[0], 0) || (strlen(mapitems[1]) > 1))
data/crash-7.2.8/symbols.c:4228:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = sp->name + strlen("_MODULE_START_");
data/crash-7.2.8/symbols.c:4299:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf)) {
data/crash-7.2.8/symbols.c:4399:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_pad))
data/crash-7.2.8/symbols.c:4424:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_pad))
data/crash-7.2.8/symbols.c:4452:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(print_pad))
data/crash-7.2.8/symbols.c:5041:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("_MODULE_START_"));
data/crash-7.2.8/symbols.c:5467:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = symbol + strlen("per_cpu__");
data/crash-7.2.8/symbols.c:5953:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = GETBUF(strlen(s)+1);
data/crash-7.2.8/symbols.c:6101:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
member = GETBUF(strlen(dm->member)+4);
data/crash-7.2.8/symbols.c:6513:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
structname = GETBUF(strlen(args[optind])+1);
data/crash-7.2.8/symbols.c:6517:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
members = GETBUF(strlen(args[optind])+1);
data/crash-7.2.8/symbols.c:6687:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(member);
data/crash-7.2.8/symbols.c:6734:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = buf + strlen("type = ");
data/crash-7.2.8/symbols.c:6804:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p1 == s) || !strlen(p1+1))
data/crash-7.2.8/symbols.c:6998:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = MAX(strlen(buf), strlen("SIZE"));
data/crash-7.2.8/symbols.c:6998:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = MAX(strlen(buf), strlen("SIZE"));
data/crash-7.2.8/symbols.c:7060:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, optarg, 15);
data/crash-7.2.8/symbols.c:7105:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dm->tagname) ? " " : "",
data/crash-7.2.8/symbols.c:7147:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("type = ");
data/crash-7.2.8/symbols.c:7382:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = feof(pc->tmpfile) ? NULL : buf + strlen("type = ");
data/crash-7.2.8/symbols.c:7386:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(clean_line(p));
data/crash-7.2.8/symbols.c:7406:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char leader[sizeof("&per_cpu(") + strlen(sp->name) +
data/crash-7.2.8/symbols.c:7745:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
shift_string_right(p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7746:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(sp->name, p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7747:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = buf + strlen("type = ");
data/crash-7.2.8/symbols.c:7751:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
shift_string_right(p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7752:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(sp->name, p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7755:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
shift_string_right(p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7756:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(sp->name, p1, strlen(sp->name));
data/crash-7.2.8/symbols.c:7758:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = buf + strlen("type = ");
data/crash-7.2.8/symbols.c:7761:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = buf + strlen("type = ");
data/crash-7.2.8/symbols.c:7890:7: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(p1, "\n");
data/crash-7.2.8/symbols.c:8036:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = n + strlen(n);
data/crash-7.2.8/symbols.c:8147:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf) - 1;
data/crash-7.2.8/symbols.c:8227:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->field_name, p, p1 - p);
data/crash-7.2.8/symbols.c:8283:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf1) + 4;
data/crash-7.2.8/symbols.c:8318:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(target) == 0)
data/crash-7.2.8/symbols.c:8374:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf1)+1;
data/crash-7.2.8/symbols.c:8470:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p1)) {
data/crash-7.2.8/symbols.c:8482:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p1))
data/crash-7.2.8/symbols.c:8490:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p1))
data/crash-7.2.8/symbols.c:8506:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p1)) {
data/crash-7.2.8/symbols.c:8649:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = revname + strlen(pc->machine_type);
data/crash-7.2.8/symbols.c:11141:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name[0] != '.' || strlen(name) != 10 || strcmp(name + 5, ".init"))
data/crash-7.2.8/symbols.c:11166:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) < MAX_MOD_SEC_NAME)
data/crash-7.2.8/symbols.c:11169:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lm->mod_section_data[i].name, name, MAX_MOD_SEC_NAME-1);
data/crash-7.2.8/symbols.c:11274:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(lm->mod_name)+1;
data/crash-7.2.8/symbols.c:11516:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((lm->mod_flags & MOD_LOAD_SYMS) || strlen(lm->mod_namelist)) {
data/crash-7.2.8/symbols.c:11534:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(namelist) < MAX_MOD_NAMELIST)
data/crash-7.2.8/symbols.c:11537:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lm->mod_namelist, namelist, MAX_MOD_NAMELIST-1);
data/crash-7.2.8/symbols.c:11618:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/crash-7.2.8/symbols.c:11629:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/crash-7.2.8/symbols.c:11660:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(req->buf);
data/crash-7.2.8/symbols.c:11667:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((len + strlen(pbuf)) >= buflen) {
data/crash-7.2.8/symbols.c:11672:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(pbuf);
data/crash-7.2.8/symbols.c:11864:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(req->buf);
data/crash-7.2.8/symbols.c:11870:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((len + strlen(buf)) >= buflen) {
data/crash-7.2.8/symbols.c:11874:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
shift_string_right(req->buf, strlen(buf));
data/crash-7.2.8/symbols.c:11875:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(buf, req->buf, strlen(buf));
data/crash-7.2.8/symbols.c:11879:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((len + strlen(buf)) >= buflen) {
data/crash-7.2.8/symbols.c:12061:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(namelist) < MAX_MOD_NAMELIST)
data/crash-7.2.8/symbols.c:12064:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lm->mod_namelist, namelist, MAX_MOD_NAMELIST-1);
data/crash-7.2.8/symbols.c:13059:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
space(strlen(pc->curcmd)), file, line, func);
data/crash-7.2.8/symbols.c:13079:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errmsg, space(strlen(pc->curcmd)), file, line, func);
data/crash-7.2.8/symbols.c:13294:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(ds->name = (char *)malloc(strlen(name)+1)) ||
data/crash-7.2.8/task.c:3242:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->str))
data/crash-7.2.8/task.c:3243:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ref->str, ",");
data/crash-7.2.8/task.c:3280:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->str))
data/crash-7.2.8/task.c:3281:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ref->str, ",");
data/crash-7.2.8/task.c:3284:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->str))
data/crash-7.2.8/task.c:3285:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ref->str, ",");
data/crash-7.2.8/task.c:3298:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
do_task(tasklist[c], 0, strlen(ref->str) ? ref : NULL, radix);
data/crash-7.2.8/task.c:3346:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
refcopy = GETBUF(strlen(ref->str)+1);
data/crash-7.2.8/task.c:3398:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lookfor2)) {
data/crash-7.2.8/task.c:3405:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lookfor3)) {
data/crash-7.2.8/task.c:3792:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pad_line(fp, strlen(buf1) > 3 ? 1 : 2, ' ');
data/crash-7.2.8/task.c:3794:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1) == 3)
data/crash-7.2.8/task.c:3957:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(buf);
data/crash-7.2.8/task.c:4045:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(buf);
data/crash-7.2.8/task.c:4321:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((j = strlen(rlim_names[i])) > len1)
data/crash-7.2.8/task.c:4324:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen("(unlimited)");
data/crash-7.2.8/task.c:5127:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/task.c:5562:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ascii_string(buf) && (strlen(buf) > strlen("RSDTtZX"))) {
data/crash-7.2.8/task.c:5562:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ascii_string(buf) && (strlen(buf) > strlen("RSDTtZX"))) {
data/crash-7.2.8/task.c:5563:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(buf); i++) {
data/crash-7.2.8/task.c:5730:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_INTERRUPTIBLE",
data/crash-7.2.8/task.c:5734:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_UNINTERRUPTIBLE",
data/crash-7.2.8/task.c:5738:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_STOPPED",
data/crash-7.2.8/task.c:5742:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_TRACED",
data/crash-7.2.8/task.c:5747:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sEXIT_DEAD|TASK_DEAD",
data/crash-7.2.8/task.c:5750:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sEXIT_DEAD",
data/crash-7.2.8/task.c:5755:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sEXIT_ZOMBIE",
data/crash-7.2.8/task.c:5759:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_WAKING",
data/crash-7.2.8/task.c:5763:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_WAKEKILL",
data/crash-7.2.8/task.c:5767:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_NOLOAD",
data/crash-7.2.8/task.c:5771:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_NEW",
data/crash-7.2.8/task.c:5776:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%sTASK_NONINTERACTIVE",
data/crash-7.2.8/task.c:7396:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen(" TASK: ");
data/crash-7.2.8/task.c:7484:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("CPU: ");
data/crash-7.2.8/task.c:7486:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = buf + strlen("CPU ");
data/crash-7.2.8/task.c:7745:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf, "(");
data/crash-7.2.8/task.c:7747:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7750:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7753:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7756:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7759:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7762:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7765:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7768:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7771:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7774:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7777:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7780:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7783:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7786:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7789:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7792:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7795:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7798:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7801:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7804:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)],
data/crash-7.2.8/task.c:7806:2: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(&buf[strlen(buf)], ")");
data/crash-7.2.8/task.c:7806:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], ")");
data/crash-7.2.8/task.c:7808:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 54)
data/crash-7.2.8/task.c:8176:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
upper = GETBUF(strlen(policy_str) + 1);
data/crash-7.2.8/task.c:8186:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(upper, info->name, strlen(info->name)) == 0 ||
data/crash-7.2.8/task.c:8863:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/crash-7.2.8/task.c:10176:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmp, "/");
data/crash-7.2.8/task.c:10185:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = GETBUF(strlen(buf)+1);
data/crash-7.2.8/task.c:10467:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len + strlen(buf)) > 80) {
data/crash-7.2.8/task.c:10473:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(buf);
data/crash-7.2.8/task.c:10529:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->str))
data/crash-7.2.8/task.c:10530:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ref->str, ",");
data/crash-7.2.8/task.c:10575:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->str))
data/crash-7.2.8/task.c:10576:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ref->str, ",");
data/crash-7.2.8/task.c:10591:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
do_sig(tasklist[c], 0, strlen(ref->str) ? ref : NULL);
data/crash-7.2.8/tools.c:50:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str = malloc(strlen(target) + 1);
data/crash-7.2.8/tools.c:125:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
spacebuf = space(strlen(pc->curcmd));
data/crash-7.2.8/tools.c:210:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (str == NULL || strlen(str) == 0)
data/crash-7.2.8/tools.c:366:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/tools.c:388:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/tools.c:405:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/tools.c:425:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/tools.c:449:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line == NULL || strlen(line) == 0)
data/crash-7.2.8/tools.c:567:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = GETBUF(strlen(insert) + strlen(where) + 1);
data/crash-7.2.8/tools.c:567:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = GETBUF(strlen(insert) + strlen(where) + 1);
data/crash-7.2.8/tools.c:599:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(line); i++) {
data/crash-7.2.8/tools.c:613:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s)+1] = NULLCHAR;
data/crash-7.2.8/tools.c:614:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p1+1, p1, strlen(p1));
data/crash-7.2.8/tools.c:692:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &buf[strlen(buf)-1];
data/crash-7.2.8/tools.c:777:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > MAX_HEXADDR_STRLEN) {
data/crash-7.2.8/tools.c:781:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s, strlen(s), MAX_HEXADDR_STRLEN);
data/crash-7.2.8/tools.c:863:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > LONG_LONG_PRLEN) {
data/crash-7.2.8/tools.c:867:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s, strlen(s), LONG_LONG_PRLEN);
data/crash-7.2.8/tools.c:948:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) == 0)
data/crash-7.2.8/tools.c:1004:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) == 0)
data/crash-7.2.8/tools.c:1148:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = GETBUF(strlen(s));
data/crash-7.2.8/tools.c:1413:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > LONG_PRLEN) {
data/crash-7.2.8/tools.c:1526:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(spacebuf)) {
data/crash-7.2.8/tools.c:1579:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((s1+len) >= &s[strlen(s)]) || (*(s1+len) != '>'))
data/crash-7.2.8/tools.c:1638:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/crash-7.2.8/tools.c:1656:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
origlen = strlen(s);
data/crash-7.2.8/tools.c:1674:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
origlen = strlen(s);
data/crash-7.2.8/tools.c:1735:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/crash-7.2.8/tools.c:1764:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/crash-7.2.8/tools.c:1772:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/crash-7.2.8/tools.c:2430:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc(strlen(args[optind])+1)) == NULL) {
data/crash-7.2.8/tools.c:2585:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " in .%src file", pc->program_name);
data/crash-7.2.8/tools.c:2588:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%s ", args[i]);
data/crash-7.2.8/tools.c:2589:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/crash-7.2.8/tools.c:2730:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf1, " ");
data/crash-7.2.8/tools.c:2735:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf1, ")");
data/crash-7.2.8/tools.c:2764:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(s) > 2) &&
data/crash-7.2.8/tools.c:2781:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(element1) || !strlen(element2))
data/crash-7.2.8/tools.c:2781:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(element1) || !strlen(element2))
data/crash-7.2.8/tools.c:2968:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clean_line(element1)) == 0)
data/crash-7.2.8/tools.c:2971:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clean_line(element2)) == 0)
data/crash-7.2.8/tools.c:3267:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hdrlen = strlen(hdr);
data/crash-7.2.8/tools.c:3277:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ccnt += strlen(buf);
data/crash-7.2.8/tools.c:3280:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
INDENT(strlen(hdr));
data/crash-7.2.8/tools.c:3291:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ccnt += strlen(buf);
data/crash-7.2.8/tools.c:3294:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
INDENT(strlen(hdr));
data/crash-7.2.8/tools.c:3652:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e->arg = GETBUF(strlen(arg + 1));
data/crash-7.2.8/tools.c:3657:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = e->arg + strlen(e->arg) + 1;
data/crash-7.2.8/tools.c:3660:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(e->name, e->arg, p - e->arg - 1);
data/crash-7.2.8/tools.c:4254:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
structname = GETBUF(strlen(ld->structname[idx])+1);
data/crash-7.2.8/tools.c:4255:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
members = GETBUF(strlen(ld->structname[idx])+1);
data/crash-7.2.8/tools.c:5062:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
structname = GETBUF(strlen(td->structname[idx])+1);
data/crash-7.2.8/tools.c:5063:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
members = GETBUF(strlen(td->structname[idx])+1);
data/crash-7.2.8/tools.c:6035:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newstring = GETBUF(strlen(oldstring)+1);
data/crash-7.2.8/tools.c:6153:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!pc->console || !strlen(pc->console) ||
data/crash-7.2.8/tools.c:6157:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fmt || !strlen(fmt))
data/crash-7.2.8/tools.c:6172:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(write(pc->confd, output, strlen(output)));
data/crash-7.2.8/tools.c:6190:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pc->console = (char *)malloc(strlen(dev)+1)) == NULL)
data/crash-7.2.8/tools.c:6244:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!pc->console || !strlen(pc->console) ||
data/crash-7.2.8/tools.c:6248:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!s || !strlen(s))
data/crash-7.2.8/tools.c:6314:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%02llu:%02llu:%02llu",
data/crash-7.2.8/tools.c:6345:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(buf, "0");
data/crash-7.2.8/tools.c:6644:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ret = strlen(src);
data/crash-7.2.8/unwind.c:2182:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(type);
data/crash-7.2.8/unwind.c:2335:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 = &buf1[strlen(buf1)];
data/crash-7.2.8/unwind.c:2350:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1) >= 80)
data/crash-7.2.8/unwind_x86_32_64.c:816:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, unwind_table, unwind_table_size) !=
data/crash-7.2.8/unwind_x86_32_64.c:891:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (read_string(name, buf, strlen("kernel")+1) &&
data/crash-7.2.8/vmware_vmss.c:449:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = vmem_filename + strlen(vmem_filename) - 4;
data/crash-7.2.8/x86.c:303:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buf3, "(%s module)", name + strlen("_MODULE_START_"));
data/crash-7.2.8/x86.c:365:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(arg, buf1, 0)))
data/crash-7.2.8/x86.c:1150:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(value_to_symstr(value, buf, 0)))
data/crash-7.2.8/x86.c:1323:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (symbol_search(sp->name + strlen("do_")));
data/crash-7.2.8/x86.c:1417:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {
data/crash-7.2.8/x86.c:2107:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("page_offset=");
data/crash-7.2.8/x86.c:2108:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p))
data/crash-7.2.8/x86.c:3814:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/x86.c:3814:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/x86.c:3822:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/x86.c:3822:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/x86.c:3823:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/x86.c:3823:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/x86.c:3840:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/x86.c:3840:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/x86.c:3986:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(locbuf))
data/crash-7.2.8/x86.c:3995:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ">");
data/crash-7.2.8/x86.c:4157:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CRASHDEBUG(8) && name && strlen(name))
data/crash-7.2.8/x86.c:4163:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name) || !(machdep->flags & KSYMS_START))
data/crash-7.2.8/x86.c:4539:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen("call ");
data/crash-7.2.8/x86.c:4541:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p2 += strlen(" <");
data/crash-7.2.8/x86.c:4593:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf2)) {
data/crash-7.2.8/x86.c:5025:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &ctrlreg, sizeof(ctrlreg)) !=
data/crash-7.2.8/x86.c:5125:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &ctrlreg, sizeof(ctrlreg)) !=
data/crash-7.2.8/x86.c:5498:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &esp, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86.c:5546:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &xesp, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86.c:5554:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &xeip, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86_64.c:2622:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!name || !strlen(name))
data/crash-7.2.8/x86_64.c:2703:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/x86_64.c:2703:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = MAX(strlen(ptebuf), strlen("PTE"));
data/crash-7.2.8/x86_64.c:2711:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/x86_64.c:2711:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(arglist[0]), strlen("SWAP"));
data/crash-7.2.8/x86_64.c:2712:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/x86_64.c:2712:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = MAX(strlen(arglist[2]), strlen("OFFSET"));
data/crash-7.2.8/x86_64.c:2729:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/x86_64.c:2729:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = MAX(strlen(physbuf), strlen("PHYSICAL"));
data/crash-7.2.8/x86_64.c:3198:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1))
data/crash-7.2.8/x86_64.c:4586:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/crash-7.2.8/x86_64.c:5392:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(locbuf))
data/crash-7.2.8/x86_64.c:5401:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, ">");
data/crash-7.2.8/x86_64.c:5977:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("vm=");
data/crash-7.2.8/x86_64.c:5978:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6003:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("phys_base=");
data/crash-7.2.8/x86_64.c:6004:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6034:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("kernel_image_size=");
data/crash-7.2.8/x86_64.c:6035:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6055:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("irq_eframe_link=");
data/crash-7.2.8/x86_64.c:6056:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6064:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("irq_stack_gap=");
data/crash-7.2.8/x86_64.c:6065:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6073:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("max_physmem_bits=");
data/crash-7.2.8/x86_64.c:6074:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6085:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = arglist[i] + strlen("page_offset=");
data/crash-7.2.8/x86_64.c:6086:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) {
data/crash-7.2.8/x86_64.c:6307:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(search_string1) && strstr(buf1, search_string1))
data/crash-7.2.8/x86_64.c:6309:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(search_string2) && strstr(buf1, search_string2))
data/crash-7.2.8/x86_64.c:6311:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(search_string3) && strstr(buf1, search_string3))
data/crash-7.2.8/x86_64.c:6400:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(link_register) ?
data/crash-7.2.8/x86_64.c:7007:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PHYSADDR, buf, strlen("Linux version"), "linux_banner verify",
data/crash-7.2.8/x86_64.c:7014:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("Linux version"), "linux_banner search",
data/crash-7.2.8/x86_64.c:7069:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &ctrlreg, sizeof(ctrlreg)) !=
data/crash-7.2.8/x86_64.c:7155:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &ctrlreg, sizeof(ctrlreg)) !=
data/crash-7.2.8/x86_64.c:7487:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &rsp, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86_64.c:7537:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &xrsp, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86_64.c:7545:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &xrip, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/x86_64.c:7751:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf1))
data/crash-7.2.8/xen_hyper.c:98:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xht->utsname.machine, (char *)(buf + member_offset),
data/crash-7.2.8/xen_hyper.c:108:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(xht->utsname.machine, (char *)(buf + XEN_HYPER_OFFSET(cpuinfo_ia64_vendor)),
data/crash-7.2.8/xen_hyper.c:532:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) >= XEN_HYPER_SCHEDULER_NAME) {
data/crash-7.2.8/xen_hyper.c:535:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((xhscht->name = malloc(strlen(buf) + 1)) == NULL) {
data/crash-7.2.8/xen_hyper.c:538:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BZERO(xhscht->name, strlen(buf) + 1);
data/crash-7.2.8/xen_hyper.c:539:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BCOPY(buf, xhscht->name, strlen(buf));
data/crash-7.2.8/xen_hyper.c:2092:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen(str1);
data/crash-7.2.8/xen_hyper_command.c:228:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], INT_PRLEN, CENTER|RJUST, "MAXPAGE");
data/crash-7.2.8/xen_hyper_command.c:229:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:229:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:230:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], INT_PRLEN, CENTER|RJUST, "TOTPAGE");
data/crash-7.2.8/xen_hyper_command.c:231:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(buf1, " VCPU ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:231:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " VCPU ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:232:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], VADDR_PRLEN, CENTER|RJUST, "SHARED_I");
data/crash-7.2.8/xen_hyper_command.c:233:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:233:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:234:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], LONG_PRLEN, CENTER|RJUST, "P2M_MFN");
data/crash-7.2.8/xen_hyper_command.c:302:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST, (char *)(dc->domain));
data/crash-7.2.8/xen_hyper_command.c:303:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:303:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:304:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf1[strlen(buf1)], "%s ",
data/crash-7.2.8/xen_hyper_command.c:306:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf1[strlen(buf1)], "%s ",
data/crash-7.2.8/xen_hyper_command.c:308:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], INT_PRLEN, CENTER|INT_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:310:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:310:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:311:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], INT_PRLEN, CENTER|INT_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:313:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf1[strlen(buf1)], " %3d ", dc->vcpu_cnt);
data/crash-7.2.8/xen_hyper_command.c:314:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:316:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:316:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf1, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf1)-1);
data/crash-7.2.8/xen_hyper_command.c:319:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], LONG_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:325:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], LONG_PRLEN, CENTER|RJUST, "----");
data/crash-7.2.8/xen_hyper_command.c:333:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], LONG_PRLEN,
data/crash-7.2.8/xen_hyper_command.c:337:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf1[strlen(buf1)], LONG_PRLEN, CENTER|RJUST, "----");
data/crash-7.2.8/xen_hyper_command.c:433:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "ENOTE");
data/crash-7.2.8/xen_hyper_command.c:435:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:435:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:436:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "CORE");
data/crash-7.2.8/xen_hyper_command.c:438:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:438:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:439:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "XEN_CORE");
data/crash-7.2.8/xen_hyper_command.c:442:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:442:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:443:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "XEN_INFO");
data/crash-7.2.8/xen_hyper_command.c:472:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:477:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " %5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:479:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:481:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%5d ", pid);
data/crash-7.2.8/xen_hyper_command.c:483:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], "%5d", pid);
data/crash-7.2.8/xen_hyper_command.c:485:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:485:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:486:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:489:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:489:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:490:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:494:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:494:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:496:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:499:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "--");
data/crash-7.2.8/xen_hyper_command.c:507:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "tv_sec");
data/crash-7.2.8/xen_hyper_command.c:508:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:508:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:509:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "tv_usec");
data/crash-7.2.8/xen_hyper_command.c:535:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], LONG_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:537:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:537:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:538:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], LONG_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:747:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "PCPU");
data/crash-7.2.8/xen_hyper_command.c:748:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:748:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:749:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "CUR-VCPU");
data/crash-7.2.8/xen_hyper_command.c:750:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:750:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:751:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "TSS");
data/crash-7.2.8/xen_hyper_command.c:756:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST, MKSTR(pcc->pcpu));
data/crash-7.2.8/xen_hyper_command.c:757:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:757:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:758:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:760:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:760:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:761:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:877:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "SCH-DATA");
data/crash-7.2.8/xen_hyper_command.c:878:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:878:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:879:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "SCH-PRIV");
data/crash-7.2.8/xen_hyper_command.c:880:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:880:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:881:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "CUR-VCPU");
data/crash-7.2.8/xen_hyper_command.c:882:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:882:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:883:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|RJUST, "IDL-VCPU");
data/crash-7.2.8/xen_hyper_command.c:885:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:885:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:886:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], LONG_PRLEN, CENTER|RJUST, "TICK");
data/crash-7.2.8/xen_hyper_command.c:892:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:894:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:894:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:895:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:897:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:897:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:898:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:900:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:900:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:901:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:904:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:904:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:905:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], LONG_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:1039:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uts->machine)) {
data/crash-7.2.8/xen_hyper_command.c:1268:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:1270:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:1270:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:1271:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xen_hyper_vcpu_state_string(vcc, &buf[strlen(buf)], !VERBOSE);
data/crash-7.2.8/xen_hyper_command.c:1272:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:1272:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, " ", XEN_HYPER_CMD_BUFSIZE-strlen(buf)-1);
data/crash-7.2.8/xen_hyper_command.c:1273:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xen_hyper_domain_to_type(vcc->domain, &type, &buf[strlen(buf)], !VERBOSE);
data/crash-7.2.8/xen_hyper_command.c:1275:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " ????? ");
data/crash-7.2.8/xen_hyper_command.c:1277:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buf[strlen(buf)], " %5d ", domid);
data/crash-7.2.8/xen_hyper_command.c:1279:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkstring(&buf[strlen(buf)], VADDR_PRLEN, CENTER|LONG_HEX|RJUST,
data/crash-7.2.8/xen_hyper_command.c:1431:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/xen_hyper_command.c:1572:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/xen_hyper_command.c:1662:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/xen_hyper_command.c:1732:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/xen_hyper_command.c:1805:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) <= MAX_HEXADDR_STRLEN)
data/crash-7.2.8/xen_hyper_dump_tables.c:103:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg) != 3) {
data/crash-7.2.8/xen_hyper_dump_tables.c:107:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp("Xen", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:109:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("xen", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:111:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("Dmp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:113:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("dmp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:115:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("Dom", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:117:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("dom", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:119:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("Vcp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:121:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("vcp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:123:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("Pcp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:125:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("pcp", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:127:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("Sch", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:129:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("sch", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:131:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("siz", optarg, strlen(optarg)))
data/crash-7.2.8/xen_hyper_dump_tables.c:133:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp("ofs", optarg, strlen(optarg)))
data/crash-7.2.8/xendump.c:76:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, buf, BUFSIZE) != BUFSIZE)
data/crash-7.2.8/xendump.c:176:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) !=
data/crash-7.2.8/xendump.c:196:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) != xd->page_size)
data/crash-7.2.8/xendump.c:241:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lseek(xd->xfd, strlen(XC_SAVE_SIGNATURE), SEEK_SET) == -1)
data/crash-7.2.8/xendump.c:257:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, buf, sizeof(int)) != sizeof(int))
data/crash-7.2.8/xendump.c:295:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->xc_save.vmconfig_buf,
data/crash-7.2.8/xendump.c:302:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, buf, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/xendump.c:330:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->xc_save.p2m_frame_list, P2M_FL_SIZE) !=
data/crash-7.2.8/xendump.c:358:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &batch_count, sizeof(int)) != sizeof(int))
data/crash-7.2.8/xendump.c:402:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->xc_save.region_pfn_type, batch_count * sizeof(ulong)) !=
data/crash-7.2.8/xendump.c:434:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &xd->xc_save.pfns_not,
data/crash-7.2.8/xendump.c:493:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, buf, sizeof(ulong)) != sizeof(ulong))
data/crash-7.2.8/xendump.c:505:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, buf, sizeof(xen_domctl_arch_setup_t)) !=
data/crash-7.2.8/xendump.c:522:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &N, sizeof(N)) != sizeof(N))
data/crash-7.2.8/xendump.c:628:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) != xd->page_size)
data/crash-7.2.8/xendump.c:646:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) != xd->page_size)
data/crash-7.2.8/xendump.c:675:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &batch_count, sizeof(int)) != sizeof(int))
data/crash-7.2.8/xendump.c:700:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->xc_save.region_pfn_type, batch_count * sizeof(ulong)) !=
data/crash-7.2.8/xendump.c:726:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) !=
data/crash-7.2.8/xendump.c:861:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) != xd->page_size)
data/crash-7.2.8/xendump.c:1301:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, tmp, size) != size) {
data/crash-7.2.8/xendump.c:1341:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, pgbuf, xd->page_size) != xd->page_size) {
data/crash-7.2.8/xendump.c:1373:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &p2m_batch[0], size) != size) {
data/crash-7.2.8/xendump.c:1414:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, pgbuf, xd->page_size) != xd->page_size) {
data/crash-7.2.8/xendump.c:1449:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, tmp, size) != size) {
data/crash-7.2.8/xendump.c:1493:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &p2m_batch[0], size) != size) {
data/crash-7.2.8/xendump.c:1546:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, tmp, sizeof(ulong) * 4) != (4 * sizeof(ulong))) {
data/crash-7.2.8/xendump.c:1576:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, tmp, size) != size) {
data/crash-7.2.8/xendump.c:1609:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, tmp64, size) != size) {
data/crash-7.2.8/xendump.c:1693:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, xd->page, xd->page_size) != xd->page_size) {
data/crash-7.2.8/xendump.c:1760:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &p2m_batch[0], size) != size) {
data/crash-7.2.8/xendump.c:1822:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &mfn, sizeof(ulong)) != sizeof(ulong)) {
data/crash-7.2.8/xendump.c:1889:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &pfn_batch[0], size) != size) {
data/crash-7.2.8/xendump.c:1969:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!fmt || !strlen(fmt))
data/crash-7.2.8/xendump.c:2297:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &shdr, sizeof(Elf32_Shdr)) != sizeof(Elf32_Shdr))
data/crash-7.2.8/xendump.c:2463:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &shdr, sizeof(Elf32_Shdr)) != sizeof(Elf32_Shdr))
data/crash-7.2.8/xendump.c:2484:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &shdr, sizeof(Elf32_Shdr)) != sizeof(Elf32_Shdr))
data/crash-7.2.8/xendump.c:2527:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &c, sizeof(char)) != sizeof(char))
data/crash-7.2.8/xendump.c:2586:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &shdr, sizeof(Elf64_Shdr)) != sizeof(Elf64_Shdr))
data/crash-7.2.8/xendump.c:2629:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &c, sizeof(char)) != sizeof(char))
data/crash-7.2.8/xendump.c:2693:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(xd->xfd, &buf[i], sizeof(char)) == sizeof(char)) {
data/crash-7.2.8/xendump.c:2728:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, notes_buffer, sh_size) != sh_size)
data/crash-7.2.8/xendump.c:2830:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &pfn, sizeof(uint64_t)) !=
data/crash-7.2.8/xendump.c:2850:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(xd->xfd, &p2m, sizeof(struct xen_dumpcore_p2m)) !=
ANALYSIS SUMMARY:
Hits = 4765
Lines analyzed = 196983 in approximately 5.62 seconds (35021 lines/second)
Physical Source Lines of Code (SLOC) = 155593
Hits@level = [0] 8358 [1] 1355 [2] 2188 [3] 89 [4] 1132 [5] 1
Hits@level+ = [0+] 13123 [1+] 4765 [2+] 3410 [3+] 1222 [4+] 1133 [5+] 1
Hits/KSLOC@level+ = [0+] 84.3418 [1+] 30.6248 [2+] 21.9162 [3+] 7.85382 [4+] 7.28182 [5+] 0.00642702
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.