Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/iozone3-489/src/current/fileop.c
Examining data/iozone3-489/src/current/iozone.c
Parsing failed to find end of parameter list; semicolon terminated it in (" child/slot: %ld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n", (long)xx,
#else
printf(" child/slot: %lld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n", (long long)xx,
#endif
walltime, cputime,
cpu_ut
Parsing failed to find end of parameter list; semicolon terminated it in (" child/slot: %ld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n",(long)xx,
#else
printf(" child/slot: %lld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n",(long long)xx,
#endif
walltime, cputime, cpu_util(cp
Parsing failed to find end of parameter list; semicolon terminated it in (" child/slot: %ld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n", (long)xx,
#else
printf(" child/slot: %lld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n",(long long)xx,
#endif
Parsing failed to find end of parameter list; semicolon terminated it in (" child/slot: %ld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n",(long)xx,
#else
printf(" child/slot: %lld, wall-cpu: %8.3f %8.3fC" " -> %6.2f%%\n",(long long)xx,
#endif
Examining data/iozone3-489/src/current/libasync.c
Examining data/iozone3-489/src/current/libbif.c
Examining data/iozone3-489/src/current/pit_server.c
FINAL RESULTS:
data/iozone3-489/src/current/fileop.c:933:10: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
y=chmod(buf,0666);
data/iozone3-489/src/current/fileop.c:158:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, mountname);
data/iozone3-489/src/current/fileop.c:164:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system(command);
data/iozone3-489/src/current/fileop.c:170:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, mountname);
data/iozone3-489/src/current/fileop.c:171:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
junk=system(command);
data/iozone3-489/src/current/fileop.c:890:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
y=access(buf,W_OK|F_OK);
data/iozone3-489/src/current/iozone.c:1275:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system();
data/iozone3-489/src/current/iozone.c:1362:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int system();
data/iozone3-489/src/current/iozone.c:1911:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\t%s\n\t%s\n", THISVERSION,MODE);
data/iozone3-489/src/current/iozone.c:1912:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\t\tBuild: %s \n\n",build_name);
data/iozone3-489/src/current/iozone.c:1922:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tRun began: %s\n",ctime(&time_run));
data/iozone3-489/src/current/iozone.c:1975:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,default_filename); /* Init default filename */
data/iozone3-489/src/current/iozone.c:1976:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[0],"%s.DUMMY",default_filename);
data/iozone3-489/src/current/iozone.c:1978:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(USAGE);
data/iozone3-489/src/current/iozone.c:2205:28: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pi=popen("uname -a", "r");
data/iozone3-489/src/current/iozone.c:2223:26: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\n\tMachine = %s\n",reply);
data/iozone3-489/src/current/iozone.c:2304:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename,optarg);
data/iozone3-489/src/current/iozone.c:2305:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[0],"%s.DUMMY",optarg);
data/iozone3-489/src/current/iozone.c:2310:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bif_filename,optarg);
data/iozone3-489/src/current/iozone.c:2455:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mountname,optarg);
data/iozone3-489/src/current/iozone.c:2482:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(write_traj_filename,optarg);
data/iozone3-489/src/current/iozone.c:2485:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tUsing write telemetry file \"%s\"\n",
data/iozone3-489/src/current/iozone.c:2495:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(read_traj_filename,optarg);
data/iozone3-489/src/current/iozone.c:2496:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tUsing read telemetry file \"%s\"\n",
data/iozone3-489/src/current/iozone.c:2713:41: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tFilenames from a file option enabled. File: %s\n ",subarg);
data/iozone3-489/src/current/iozone.c:2766:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(controlling_host_name,subarg);
data/iozone3-489/src/current/iozone.c:2778:41: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(controlling_host_name,subarg);
data/iozone3-489/src/current/iozone.c:2779:41: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tHostname = %s\n",controlling_host_name);
data/iozone3-489/src/current/iozone.c:2789:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(client_filename,subarg);
data/iozone3-489/src/current/iozone.c:3058:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pit_hostname,subarg);
data/iozone3-489/src/current/iozone.c:3059:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tPIT_host %s\n",pit_hostname);
data/iozone3-489/src/current/iozone.c:3069:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pit_service,subarg);
data/iozone3-489/src/current/iozone.c:3070:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(splash[splash_line++],"\tPIT_port %s\n",pit_service);
data/iozone3-489/src/current/iozone.c:3555:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (command_line, argv[ix]);
data/iozone3-489/src/current/iozone.c:3960:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[0][0],throughput_tests[0]);
data/iozone3-489/src/current/iozone.c:4106:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx], xx);
data/iozone3-489/src/current/iozone.c:4108:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx], xx);
data/iozone3-489/src/current/iozone.c:4119:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx], xx);
data/iozone3-489/src/current/iozone.c:4121:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx], xx);
data/iozone3-489/src/current/iozone.c:4332:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[1][0],throughput_tests[1]);
data/iozone3-489/src/current/iozone.c:4581:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[2]);
data/iozone3-489/src/current/iozone.c:4806:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[3]);
data/iozone3-489/src/current/iozone.c:5051:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[4]);
data/iozone3-489/src/current/iozone.c:5283:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[5]);
data/iozone3-489/src/current/iozone.c:5518:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[6]);
data/iozone3-489/src/current/iozone.c:5748:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[7]);
data/iozone3-489/src/current/iozone.c:5978:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[8]);
data/iozone3-489/src/current/iozone.c:6211:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[9]);
data/iozone3-489/src/current/iozone.c:6446:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[10]);
data/iozone3-489/src/current/iozone.c:6678:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[11]);
data/iozone3-489/src/current/iozone.c:6908:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&toutput[toutputindex][0],throughput_tests[12]);
data/iozone3-489/src/current/iozone.c:11870:21: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING2,
data/iozone3-489/src/current/iozone.c:11899:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING2,
data/iozone3-489/src/current/iozone.c:11930:21: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING4, /*kcollins 8-21-96*/
data/iozone3-489/src/current/iozone.c:11938:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING4, /*kcollins 8-21-96*/
data/iozone3-489/src/current/iozone.c:11949:22: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING3,
data/iozone3-489/src/current/iozone.c:11966:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING3,
data/iozone3-489/src/current/iozone.c:11985:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING3,
data/iozone3-489/src/current/iozone.c:12002:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if(!silent) printf(CONTROL_STRING3,
data/iozone3-489/src/current/iozone.c:12796:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, mountname);
data/iozone3-489/src/current/iozone.c:12802:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system(command);
data/iozone3-489/src/current/iozone.c:12808:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command, mountname);
data/iozone3-489/src/current/iozone.c:12814:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system(command);
data/iozone3-489/src/current/iozone.c:12954:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:12956:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:12962:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:12964:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:13667:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:13669:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:13675:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:13677:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:14307:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:14309:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:14315:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:14317:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:14887:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:14889:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:14895:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:14897:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:15465:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:15467:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:15473:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:15475:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:16019:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:16021:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:16027:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:16029:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:16587:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:16589:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:16595:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],xx2);
data/iozone3-489/src/current/iozone.c:16597:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],xx2);
data/iozone3-489/src/current/iozone.c:17123:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:17125:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:17131:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:17133:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:17779:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:17781:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:17787:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:17789:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:18429:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:18431:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:18437:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],(long)xx2);
data/iozone3-489/src/current/iozone.c:18439:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],(long long)xx2);
data/iozone3-489/src/current/iozone.c:18975:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx]);
data/iozone3-489/src/current/iozone.c:18977:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx]);
data/iozone3-489/src/current/iozone.c:18983:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx],(long)xx);
data/iozone3-489/src/current/iozone.c:18985:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx],(long long)xx);
data/iozone3-489/src/current/iozone.c:19229:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(print_str, "CPU utilization report Y-axis is type of test X-axis is number of %s", port);
data/iozone3-489/src/current/iozone.c:19256:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(print_str, "%15s ", throughput_tests[i]);
data/iozone3-489/src/current/iozone.c:19303:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(print_str,"Throughput report Y-axis is type of test X-axis is number of %s",port);
data/iozone3-489/src/current/iozone.c:19327:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(print_str,"Output is in %s",label);
data/iozone3-489/src/current/iozone.c:19335:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(print_str,"%15s ",toutput[i]);
data/iozone3-489/src/current/iozone.c:20217:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sbuf,buf);
data/iozone3-489/src/current/iozone.c:20360:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sbuf,buf);
data/iozone3-489/src/current/iozone.c:20461:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sbuf,buf);
data/iozone3-489/src/current/iozone.c:21128:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.m_host_name,send_buffer->m_host_name);
data/iozone3-489/src/current/iozone.c:21129:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.m_client_name,send_buffer->m_client_name);
data/iozone3-489/src/current/iozone.c:21186:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_host_name,send_buffer->c_host_name);
data/iozone3-489/src/current/iozone.c:21187:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_pit_hostname,send_buffer->c_pit_hostname);
data/iozone3-489/src/current/iozone.c:21188:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_pit_service,send_buffer->c_pit_service);
data/iozone3-489/src/current/iozone.c:21189:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_client_name,send_buffer->c_client_name);
data/iozone3-489/src/current/iozone.c:21190:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_working_dir,send_buffer->c_working_dir);
data/iozone3-489/src/current/iozone.c:21191:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_file_name,send_buffer->c_file_name);
data/iozone3-489/src/current/iozone.c:21192:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_path_dir,send_buffer->c_path_dir);
data/iozone3-489/src/current/iozone.c:21193:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_execute_name,send_buffer->c_execute_name);
data/iozone3-489/src/current/iozone.c:21194:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_write_traj_filename,send_buffer->c_write_traj_filename);
data/iozone3-489/src/current/iozone.c:21195:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outbuf.c_read_traj_filename,send_buffer->c_read_traj_filename);
data/iozone3-489/src/current/iozone.c:21270:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(outbuf.c_stride,"%ld"(long)(,send_buffer->c_stride));
data/iozone3-489/src/current/iozone.c:21970:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command,"%s ",remote_shell);
data/iozone3-489/src/current/iozone.c:21971:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command,child_idents[x-1].child_name);
data/iozone3-489/src/current/iozone.c:21973:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command,child_idents[x-1].execute_path);
data/iozone3-489/src/current/iozone.c:21975:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command,controlling_host_name);
data/iozone3-489/src/current/iozone.c:21979:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command,my_port_num);
data/iozone3-489/src/current/iozone.c:21983:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
junk=system(command);
data/iozone3-489/src/current/iozone.c:22045:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_host_name ,controlling_host_name);
data/iozone3-489/src/current/iozone.c:22046:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_pit_hostname ,pit_hostname);
data/iozone3-489/src/current/iozone.c:22047:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_pit_service ,pit_service);
data/iozone3-489/src/current/iozone.c:22048:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_client_name ,child_idents[x-1].child_name);
data/iozone3-489/src/current/iozone.c:22049:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_working_dir ,child_idents[x-1].workdir);
data/iozone3-489/src/current/iozone.c:22050:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_file_name ,child_idents[x-1].file_name);
data/iozone3-489/src/current/iozone.c:22051:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_write_traj_filename ,write_traj_filename);
data/iozone3-489/src/current/iozone.c:22052:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cc.c_read_traj_filename ,read_traj_filename);
data/iozone3-489/src/current/iozone.c:22236:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mc.m_host_name,controlling_host_name);
data/iozone3-489/src/current/iozone.c:22237:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mc.m_client_name,client_name);
data/iozone3-489/src/current/iozone.c:22268:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_client_name,"%s",cc.c_client_name);
data/iozone3-489/src/current/iozone.c:22270:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_host_name,"%s",cc.c_host_name);
data/iozone3-489/src/current/iozone.c:22271:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_pit_hostname,"%s",cc.c_pit_hostname);
data/iozone3-489/src/current/iozone.c:22318:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_pit_hostname,"%s",cc.c_pit_hostname);
data/iozone3-489/src/current/iozone.c:22319:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_pit_service,"%s",cc.c_pit_service);
data/iozone3-489/src/current/iozone.c:22322:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_working_dir,"%s",cc.c_working_dir);
data/iozone3-489/src/current/iozone.c:22323:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_file_name,"%s",cc.c_file_name);
data/iozone3-489/src/current/iozone.c:22324:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_write_traj_filename,"%s",cc.c_write_traj_filename);
data/iozone3-489/src/current/iozone.c:22325:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(cnc->c_read_traj_filename,"%s",cc.c_read_traj_filename);
data/iozone3-489/src/current/iozone.c:22398:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(write_traj_filename,cc.c_write_traj_filename);
data/iozone3-489/src/current/iozone.c:22399:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(read_traj_filename,cc.c_read_traj_filename);
data/iozone3-489/src/current/iozone.c:22401:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pit_hostname,cc.c_pit_hostname);
data/iozone3-489/src/current/iozone.c:22402:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pit_service,cc.c_pit_service);
data/iozone3-489/src/current/iozone.c:22411:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filearray[chid],cc.c_file_name);
data/iozone3-489/src/current/iozone.c:23121:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
num=sscanf(buffer,"%s %s %s %s\n",
data/iozone3-489/src/current/iozone.c:23159:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[i],"%s",filearray[i]);
data/iozone3-489/src/current/iozone.c:23163:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[i],"%s.DUMMY.%d",filearray[i],i);
data/iozone3-489/src/current/iozone.c:23366:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(shell,value);
data/iozone3-489/src/current/iozone.c:23391:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(imon_start,start);
data/iozone3-489/src/current/iozone.c:23396:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(imon_stop,stop);
data/iozone3-489/src/current/iozone.c:23485:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sp_master_host,controlling_host_name);
data/iozone3-489/src/current/iozone.c:23491:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sp_remote_host,client_name);
data/iozone3-489/src/current/iozone.c:23492:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sp_location,e_path);
data/iozone3-489/src/current/iozone.c:23520:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sp_command,"%s %s %s -+s -t 1 -r %d -s %d -+c %s -+t ",
data/iozone3-489/src/current/iozone.c:23525:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
junk=system(sp_command);
data/iozone3-489/src/current/iozone.c:24224:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(where,value);
data/iozone3-489/src/current/iozone.c:24255:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cp,THISVERSION);
data/iozone3-489/src/current/iozone.c:24346:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command_line,"%s %s",imon_start,test);
data/iozone3-489/src/current/iozone.c:24348:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command_line,"%s %s&",imon_start,test);
data/iozone3-489/src/current/iozone.c:24349:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
junk=system(command_line);
data/iozone3-489/src/current/iozone.c:24364:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command_line,"%s %s",imon_stop,test);
data/iozone3-489/src/current/iozone.c:24366:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command_line,"%s %s &",imon_stop,test);
data/iozone3-489/src/current/iozone.c:24367:8: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
junk=system(command_line);
data/iozone3-489/src/current/iozone.c:25054:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name,"%s_child_%d.txt","Iozone_histogram",id);
data/iozone3-489/src/current/iozone.c:25303:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:25305:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:25311:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],xx2);
data/iozone3-489/src/current/iozone.c:25313:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],xx2);
data/iozone3-489/src/current/iozone.c:25766:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:25768:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s",filearray[xx2]);
data/iozone3-489/src/current/iozone.c:25774:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%ld",filearray[xx2],xx2);
data/iozone3-489/src/current/iozone.c:25776:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dummyfile[xx],"%s.DUMMY.%lld",filearray[xx2],xx2);
data/iozone3-489/src/current/libbif.c:402:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(labelrec.str_array,string);
data/iozone3-489/src/current/pit_server.c:93:12: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, \
data/iozone3-489/src/current/pit_server.c:107:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, \
data/iozone3-489/src/current/pit_server.c:138:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(service_name,DFLT_SERVICE);
data/iozone3-489/src/current/pit_server.c:159:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(service_name,optarg);
data/iozone3-489/src/current/fileop.c:75:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt();
data/iozone3-489/src/current/fileop.c:182:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((cret = getopt(argc,argv,"hbwetvf:s:l:u:d:U:i: ")) != EOF){
data/iozone3-489/src/current/iozone.c:126:6: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long lrand48();
data/iozone3-489/src/current/iozone.c:1273:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/iozone3-489/src/current/iozone.c:1299:6: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void srand(unsigned int);
data/iozone3-489/src/current/iozone.c:1360:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv();
data/iozone3-489/src/current/iozone.c:1378:6: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void srand();
data/iozone3-489/src/current/iozone.c:1485:50: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random random bkwd record stride
data/iozone3-489/src/current/iozone.c:1485:60: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
random random bkwd record stride
data/iozone3-489/src/current/iozone.c:1876:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
evalue=(char *)getenv("CDEBUG");
data/iozone3-489/src/current/iozone.c:1880:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
evalue=(char *)getenv("MDEBUG");
data/iozone3-489/src/current/iozone.c:1884:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/iozone3-489/src/current/iozone.c:1989:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((cret = getopt(argc,argv,"ZQNIBDGCTOMREWovAxamwphcezKJ:j:k:V:r:t:s:f:F:d:l:u:U:S:L:H:+:P:i:b:X:Y:g:n:y:q: ")) != EOF){
data/iozone3-489/src/current/iozone.c:7454:10: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/iozone3-489/src/current/iozone.c:7591:10: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/iozone3-489/src/current/iozone.c:9313:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:9316:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:9346:27: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
big_rand = lrand48();
data/iozone3-489/src/current/iozone.c:9444:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:9447:14: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:9492:28: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
offset64 = reclen * (lrand48()%numrecs64);
data/iozone3-489/src/current/iozone.c:9602:28: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
offset64 = reclen * (lrand48()%numrecs64);
data/iozone3-489/src/current/iozone.c:11400:10: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:11403:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:11597:24: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
offset64 = reclen * (lrand48()%numrecs64);
data/iozone3-489/src/current/iozone.c:11731:10: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:11734:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:17684:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:17687:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:17717:27: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
big_rand = lrand48();
data/iozone3-489/src/current/iozone.c:17945:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:17948:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:17989:33: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
current_offset = reclen * (lrand48()%numrecs64);
data/iozone3-489/src/current/iozone.c:18323:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:18326:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/iozone3-489/src/current/iozone.c:18356:27: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
big_rand = lrand48();
data/iozone3-489/src/current/iozone.c:18612:33: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
current_offset = reclen * (lrand48()%numrecs64);
data/iozone3-489/src/current/iozone.c:23363:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
value=(char *)getenv("RSH");
data/iozone3-489/src/current/iozone.c:23388:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
start=(char *)getenv("IMON_START");
data/iozone3-489/src/current/iozone.c:23393:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
stop=(char *)getenv("IMON_STOP");
data/iozone3-489/src/current/iozone.c:23398:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
sync=(char *)getenv("IMON_SYNC");
data/iozone3-489/src/current/iozone.c:24259:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(y);
data/iozone3-489/src/current/iozone.c:24411:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed+1+(((int)numrecs64)*dedup_mseed)); /* set random seed */
data/iozone3-489/src/current/iozone.c:24461:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(chid+1+dedup_mseed); /* set randdom seed */
data/iozone3-489/src/current/iozone.c:24513:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(1+seed+((chid+1)*(int)numrecs64)*dedup_mseed);
data/iozone3-489/src/current/iozone.c:24570:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(DEDUPSEED+dedup_mseed);
data/iozone3-489/src/current/iozone.c:26208:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(DEDUPSEED);
data/iozone3-489/src/current/iozone.c:26262:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed+1+(((int)numrecs64)*dedup_mseed)); /* set random seed */
data/iozone3-489/src/current/iozone.c:26283:9: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(chid+chid_skew+1+dedup_mseed); /* set randdom seed */
data/iozone3-489/src/current/iozone.c:26303:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(1+seed+((chid+chid_skew+1)*(int)numrecs64)*dedup_mseed);
data/iozone3-489/src/current/pit_server.c:148:20: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) >= 0 )
data/iozone3-489/src/current/fileop.c:134:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thedir[PATH_MAX]="."; /* Default is to use the current directory */
data/iozone3-489/src/current/fileop.c:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[PATH_MAX];
data/iozone3-489/src/current/fileop.c:152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/iozone3-489/src/current/fileop.c:157:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command,"umount ");
data/iozone3-489/src/current/fileop.c:169:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command,"mount ");
data/iozone3-489/src/current/fileop.c:199:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
incr=atoi(optarg);
data/iozone3-489/src/current/fileop.c:204:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x=atoi(optarg);
data/iozone3-489/src/current/fileop.c:209:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sz=atoi(optarg);
data/iozone3-489/src/current/fileop.c:212:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sz = (1024 * atoi(optarg));
data/iozone3-489/src/current/fileop.c:216:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sz = (1024 * 1024 * atoi(optarg));
data/iozone3-489/src/current/fileop.c:222:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lower=atoi(optarg);
data/iozone3-489/src/current/fileop.c:232:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
upper=atoi(optarg);
data/iozone3-489/src/current/fileop.c:597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:602:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:623:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:644:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_dir_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:675:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:681:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:688:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:695:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_dir_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:754:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:764:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:774:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:832:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:838:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:842:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:846:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:875:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:880:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:884:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:888:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:923:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:927:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:931:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:961:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:968:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:972:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1013:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:1014:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufn[100];
data/iozone3-489/src/current/fileop.c:1019:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1023:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1027:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:1028:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufn,"fileop_file_%d_%d_%dL",i,j,k);
data/iozone3-489/src/current/fileop.c:1057:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:1058:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufn[100];
data/iozone3-489/src/current/fileop.c:1063:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1067:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1071:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:1072:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bufn,"fileop_file_%d_%d_%dL",i,j,k);
data/iozone3-489/src/current/fileop.c:1101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:1106:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1110:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1114:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_dir_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:1131:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1146:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:1171:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1175:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1179:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:1194:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1198:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/iozone3-489/src/current/fileop.c:1214:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d",i);
data/iozone3-489/src/current/fileop.c:1218:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_L1_%d_L2_%d",i,j);
data/iozone3-489/src/current/fileop.c:1222:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"fileop_file_%d_%d_%d",i,j,k);
data/iozone3-489/src/current/fileop.c:1225:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(buf,O_RDONLY);
data/iozone3-489/src/current/iozone.c:117:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int atoi();
data/iozone3-489/src/current/iozone.c:541:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_host_name[100];
data/iozone3-489/src/current/iozone.c:542:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pit_hostname[40];
data/iozone3-489/src/current/iozone.c:543:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pit_service[8];
data/iozone3-489/src/current/iozone.c:544:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_client_name[100];
data/iozone3-489/src/current/iozone.c:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_working_dir[200];
data/iozone3-489/src/current/iozone.c:546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_file_name[200];
data/iozone3-489/src/current/iozone.c:547:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_path_dir[200];
data/iozone3-489/src/current/iozone.c:548:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_execute_name[200];
data/iozone3-489/src/current/iozone.c:549:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_write_traj_filename[200];
data/iozone3-489/src/current/iozone.c:550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_read_traj_filename[200];
data/iozone3-489/src/current/iozone.c:650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_host_name[100];
data/iozone3-489/src/current/iozone.c:651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pit_hostname[40];
data/iozone3-489/src/current/iozone.c:652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pit_service[8];
data/iozone3-489/src/current/iozone.c:653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_client_name[100];
data/iozone3-489/src/current/iozone.c:654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_working_dir[200];
data/iozone3-489/src/current/iozone.c:655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_file_name[200];
data/iozone3-489/src/current/iozone.c:656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_path_dir[200];
data/iozone3-489/src/current/iozone.c:657:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_execute_name[200];
data/iozone3-489/src/current/iozone.c:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_write_traj_filename[200];
data/iozone3-489/src/current/iozone.c:659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_read_traj_filename[200];
data/iozone3-489/src/current/iozone.c:660:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_oflag[2];
data/iozone3-489/src/current/iozone.c:661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mfflag[2];
data/iozone3-489/src/current/iozone.c:662:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_unbuffered[2];
data/iozone3-489/src/current/iozone.c:663:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_noretest[2];
data/iozone3-489/src/current/iozone.c:664:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_notruncate[2];
data/iozone3-489/src/current/iozone.c:665:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_read_sync[2];
data/iozone3-489/src/current/iozone.c:666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_jflag[2];
data/iozone3-489/src/current/iozone.c:667:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_async_flag[2];
data/iozone3-489/src/current/iozone.c:668:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_k_flag[2];
data/iozone3-489/src/current/iozone.c:669:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_h_flag[2];
data/iozone3-489/src/current/iozone.c:670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mflag[2];
data/iozone3-489/src/current/iozone.c:671:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pflag[2];
data/iozone3-489/src/current/iozone.c:672:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_stride_flag[2];
data/iozone3-489/src/current/iozone.c:673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_verify[2];
data/iozone3-489/src/current/iozone.c:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_sverify[2];
data/iozone3-489/src/current/iozone.c:675:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_odsync[2];
data/iozone3-489/src/current/iozone.c:676:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_diag_v[2];
data/iozone3-489/src/current/iozone.c:677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_zero_pct[4];
data/iozone3-489/src/current/iozone.c:678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_N_special[4];
data/iozone3-489/src/current/iozone.c:679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_granule_size[8];
data/iozone3-489/src/current/iozone.c:680:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup[4];
data/iozone3-489/src/current/iozone.c:681:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_flag[4];
data/iozone3-489/src/current/iozone.c:682:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_iflag[4];
data/iozone3-489/src/current/iozone.c:683:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_bflag[4];
data/iozone3-489/src/current/iozone.c:684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_interior[4];
data/iozone3-489/src/current/iozone.c:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_compress[4];
data/iozone3-489/src/current/iozone.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_dedup_mseed[4];
data/iozone3-489/src/current/iozone.c:687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_chid_skew[4];
data/iozone3-489/src/current/iozone.c:688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_hist_summary[4];
data/iozone3-489/src/current/iozone.c:689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_op_rate[4];
data/iozone3-489/src/current/iozone.c:690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_op_rate_flag[2];
data/iozone3-489/src/current/iozone.c:691:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_Q_flag[2];
data/iozone3-489/src/current/iozone.c:692:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_inc_think[2];
data/iozone3-489/src/current/iozone.c:693:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_L_flag[2];
data/iozone3-489/src/current/iozone.c:694:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_OPS_flag[2];
data/iozone3-489/src/current/iozone.c:695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mmapflag[2];
data/iozone3-489/src/current/iozone.c:696:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mmapasflag[2];
data/iozone3-489/src/current/iozone.c:697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mmapnsflag[2];
data/iozone3-489/src/current/iozone.c:698:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mmapssflag[2];
data/iozone3-489/src/current/iozone.c:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_no_copy_flag[2];
data/iozone3-489/src/current/iozone.c:700:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_include_close[2];
data/iozone3-489/src/current/iozone.c:701:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_include_flush[2];
data/iozone3-489/src/current/iozone.c:702:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_disrupt_flag[2];
data/iozone3-489/src/current/iozone.c:703:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_compute_flag[2];
data/iozone3-489/src/current/iozone.c:704:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_stop_flag[2];
data/iozone3-489/src/current/iozone.c:705:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_xflag[2];
data/iozone3-489/src/current/iozone.c:706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_MS_flag[2];
data/iozone3-489/src/current/iozone.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mmap_mix[2];
data/iozone3-489/src/current/iozone.c:708:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_Kplus_flag[2];
data/iozone3-489/src/current/iozone.c:709:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_w_traj_flag[2]; /* small int */
data/iozone3-489/src/current/iozone.c:710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_r_traj_flag[2]; /* small int */
data/iozone3-489/src/current/iozone.c:711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_direct_flag[2]; /* small int */
data/iozone3-489/src/current/iozone.c:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_cpuutilflag[2]; /* small int */
data/iozone3-489/src/current/iozone.c:713:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_seq_mix[2]; /* small int */
data/iozone3-489/src/current/iozone.c:714:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_del_flag[2]; /* small int */
data/iozone3-489/src/current/iozone.c:715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_stride[10]; /* small long long */
data/iozone3-489/src/current/iozone.c:716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_rest_val[10]; /* small long long */
data/iozone3-489/src/current/iozone.c:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_purge[10]; /* very small long long */
data/iozone3-489/src/current/iozone.c:718:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_fetchon[10]; /* very small long long */
data/iozone3-489/src/current/iozone.c:719:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_multiplier[10]; /* small int */
data/iozone3-489/src/current/iozone.c:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_share_file[10]; /* small int */
data/iozone3-489/src/current/iozone.c:721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_file_lock[10]; /* small int */
data/iozone3-489/src/current/iozone.c:722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_rec_lock[10]; /* small int */
data/iozone3-489/src/current/iozone.c:723:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_Kplus_readers[10]; /* small int */
data/iozone3-489/src/current/iozone.c:724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_client_number[20]; /* int */
data/iozone3-489/src/current/iozone.c:725:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_command[20]; /* int */
data/iozone3-489/src/current/iozone.c:726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_testnum[20]; /* int */
data/iozone3-489/src/current/iozone.c:727:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_no_unlink[4]; /* int */
data/iozone3-489/src/current/iozone.c:728:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_no_write[4]; /* int */
data/iozone3-489/src/current/iozone.c:729:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pattern[20]; /* int */
data/iozone3-489/src/current/iozone.c:730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_version[20]; /* int */
data/iozone3-489/src/current/iozone.c:731:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_base_time[20]; /* int */
data/iozone3-489/src/current/iozone.c:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_num_child[20]; /* int */
data/iozone3-489/src/current/iozone.c:733:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_pct_read[6]; /* small int */
data/iozone3-489/src/current/iozone.c:734:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_advise_op[4]; /* small int */
data/iozone3-489/src/current/iozone.c:735:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_advise_flag[4]; /* small int */
data/iozone3-489/src/current/iozone.c:736:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_restf[4]; /* small int */
data/iozone3-489/src/current/iozone.c:737:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_mygen[20]; /* long */
data/iozone3-489/src/current/iozone.c:738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_depth[20]; /* small long long */
data/iozone3-489/src/current/iozone.c:739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_child_flag[40]; /* small long long */
data/iozone3-489/src/current/iozone.c:740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_delay[80]; /* long long */
data/iozone3-489/src/current/iozone.c:741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_numrecs64[80]; /* long long */
data/iozone3-489/src/current/iozone.c:742:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_reclen[80]; /* long long */
data/iozone3-489/src/current/iozone.c:743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_delay_start[80]; /* long long */
data/iozone3-489/src/current/iozone.c:744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_compute_time[80]; /* float */
data/iozone3-489/src/current/iozone.c:753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_host_name[100];
data/iozone3-489/src/current/iozone.c:754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_client_name[100];
data/iozone3-489/src/current/iozone.c:778:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_host_name[100];
data/iozone3-489/src/current/iozone.c:779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_client_name[100];
data/iozone3-489/src/current/iozone.c:780:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_client_number[20]; /* int */
data/iozone3-489/src/current/iozone.c:781:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_client_error[20]; /* int */
data/iozone3-489/src/current/iozone.c:782:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_stop_flag[4]; /* char +space */
data/iozone3-489/src/current/iozone.c:783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_child_port[20]; /* int */
data/iozone3-489/src/current/iozone.c:784:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_child_async_port[20]; /* int */
data/iozone3-489/src/current/iozone.c:785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_command[20]; /* int */
data/iozone3-489/src/current/iozone.c:786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_testnum[20]; /* int */
data/iozone3-489/src/current/iozone.c:787:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_version[20]; /* int */
data/iozone3-489/src/current/iozone.c:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_mygen[20]; /* int */
data/iozone3-489/src/current/iozone.c:789:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_throughput[80]; /* float */
data/iozone3-489/src/current/iozone.c:790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_cputime[80]; /* float */
data/iozone3-489/src/current/iozone.c:791:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_walltime[80]; /* float */
data/iozone3-489/src/current/iozone.c:792:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_actual[80]; /* float */
data/iozone3-489/src/current/iozone.c:793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_child_flag[80]; /* long long */
data/iozone3-489/src/current/iozone.c:1432:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define I_OPEN(x,y,z) open(x,(int)(y),(int)(z))
data/iozone3-489/src/current/iozone.c:1434:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define I_FOPEN(x,y) fopen(x,y)
data/iozone3-489/src/current/iozone.c:1542:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *barray[MAXSTREAMS];
data/iozone3-489/src/current/iozone.c:1582:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imon_start[256],imon_stop[256];
data/iozone3-489/src/current/iozone.c:1635:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bif_filename [MAXNAMESIZE]; /* name of biff file */
data/iozone3-489/src/current/iozone.c:1636:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename [MAXNAMESIZE]; /* name of temporary file */
data/iozone3-489/src/current/iozone.c:1637:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mountname [MAXNAMESIZE]; /* name of device */
data/iozone3-489/src/current/iozone.c:1638:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummyfile [MAXSTREAMS][MAXNAMESIZE]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:1639:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummyfile1 [MAXNAMESIZE]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:1640:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *filearray[MAXSTREAMS]; /* array of file names */
data/iozone3-489/src/current/iozone.c:1642:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tfile[MAXNAMESIZE];
data/iozone3-489/src/current/iozone.c:1664:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[1024] = "\0";
data/iozone3-489/src/current/iozone.c:1671:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char splash[80][80];
data/iozone3-489/src/current/iozone.c:1673:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_filename[256];
data/iozone3-489/src/current/iozone.c:1674:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_shell[256];
data/iozone3-489/src/current/iozone.c:1677:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pit_hostname[40];
data/iozone3-489/src/current/iozone.c:1678:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pit_service[8];
data/iozone3-489/src/current/iozone.c:1737:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char master_rcv_buf[4096]; /* Master's receive buffer */
data/iozone3-489/src/current/iozone.c:1739:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char master_send_buf[4096]; /* Master's send buffer */
data/iozone3-489/src/current/iozone.c:1740:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_rcv_buf[4096]; /* Child's receive buffer */
data/iozone3-489/src/current/iozone.c:1741:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_async_rcv_buf[4096]; /* Child's async recieve buffer */
data/iozone3-489/src/current/iozone.c:1742:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_send_buf[4096]; /* Child's send buffer */
data/iozone3-489/src/current/iozone.c:1753:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toutput[20][20]; /* Used to help format the output */
data/iozone3-489/src/current/iozone.c:1770:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char controlling_host_name[100];
data/iozone3-489/src/current/iozone.c:1772:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_name[100];
data/iozone3-489/src/current/iozone.c:1773:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workdir[200];
data/iozone3-489/src/current/iozone.c:1774:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char execute_path[200];
data/iozone3-489/src/current/iozone.c:1775:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[200];
data/iozone3-489/src/current/iozone.c:1784:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char write_traj_filename [MAXNAMESIZE]; /* name of write telemetry file */
data/iozone3-489/src/current/iozone.c:1785:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char read_traj_filename [MAXNAMESIZE]; /* name of read telemetry file */
data/iozone3-489/src/current/iozone.c:1855:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[IBUFSIZE];
data/iozone3-489/src/current/iozone.c:1865:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tfile,"iozone"); /* Dummy name prefix */
data/iozone3-489/src/current/iozone.c:1878:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cdebug=atoi(evalue);
data/iozone3-489/src/current/iozone.c:1882:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mdebug=atoi(evalue);
data/iozone3-489/src/current/iozone.c:1910:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tIozone: Performance Test of File I/O\n");
data/iozone3-489/src/current/iozone.c:1913:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tContributors:William Norcott, Don Capps, Isom Crawford, Kirby Collins\n");
data/iozone3-489/src/current/iozone.c:1914:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Al Slater, Scott Rhine, Mike Wisner, Ken Goss\n");
data/iozone3-489/src/current/iozone.c:1915:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Steve Landherr, Brad Smith, Mark Kelly, Dr. Alain CYR,\n");
data/iozone3-489/src/current/iozone.c:1916:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Randy Dunlap, Mark Montague, Dan Million, Gavin Brebner,\n");
data/iozone3-489/src/current/iozone.c:1917:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Jean-Marc Zucconi, Jeff Blomberg, Benny Halevy, Dave Boone,\n");
data/iozone3-489/src/current/iozone.c:1918:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Erik Habbinga, Kris Strecker, Walter Wong, Joshua Root,\n");
data/iozone3-489/src/current/iozone.c:1919:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Fabrice Bacchella, Zhenghua Xue, Qin Li, Darren Sawyer,\n");
data/iozone3-489/src/current/iozone.c:1920:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Vangel Bojaxhi, Ben England, Vikentsi Lapa,\n");
data/iozone3-489/src/current/iozone.c:1921:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Alexey Skidanov, Sudhir Kumar.\n\n");
data/iozone3-489/src/current/iozone.c:1992:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
depth = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2000:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPOSIX Async I/O (no bcopy). Depth %ld \n",depth);
data/iozone3-489/src/current/iozone.c:2002:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPOSIX Async I/O (no bcopy). Depth %lld \n",(long long)depth);
data/iozone3-489/src/current/iozone.c:2018:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
depth = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2030:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPOSIX async I/O (with bcopy). Depth %ld\n",depth);
data/iozone3-489/src/current/iozone.c:2032:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPOSIX async I/O (with bcopy). Depth %lld\n",(long long)depth);
data/iozone3-489/src/current/iozone.c:2039:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tVxFS advanced feature SET_CACHE, VX_DIRECT enabled\n");
data/iozone3-489/src/current/iozone.c:2046:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tF_NOCACHE=1 - Turns data caching off\n");
data/iozone3-489/src/current/iozone.c:2048:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tO_DIRECT feature enabled\n");
data/iozone3-489/src/current/iozone.c:2055:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tO_DIRECTIO feature enabled\n");
data/iozone3-489/src/current/iozone.c:2060:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tO_DIRECTIO feature not available in Windows version.\n");
data/iozone3-489/src/current/iozone.c:2065:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing mmap files\n");
data/iozone3-489/src/current/iozone.c:2070:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing msync(MS_ASYNC) on mmap files\n");
data/iozone3-489/src/current/iozone.c:2076:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing msync(MS_SYNC) on mmap files\n");
data/iozone3-489/src/current/iozone.c:2084:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tOffset/latency files enabled.\n");
data/iozone3-489/src/current/iozone.c:2088:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tStonewall disabled\n");
data/iozone3-489/src/current/iozone.c:2098:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tAuto Mode\n");
data/iozone3-489/src/current/iozone.c:2102:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tInclude close in write timing\n");
data/iozone3-489/src/current/iozone.c:2106:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tInclude fsync in write timing\n");
data/iozone3-489/src/current/iozone.c:2114:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tAuto Mode 2. This option is obsolete. Use -az -i0 -i1 \n");
data/iozone3-489/src/current/iozone.c:2147:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tFile size set to %ld kB\n",(long long)kilobytes64);
data/iozone3-489/src/current/iozone.c:2149:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tFile size set to %lld kB\n",(long long)kilobytes64);
data/iozone3-489/src/current/iozone.c:2154:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mint = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2175:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxt = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2200:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tMulti_buffer. Work area %d bytes\n",
data/iozone3-489/src/current/iozone.c:2208:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\n\tError using popen() on uname\n");
data/iozone3-489/src/current/iozone.c:2209:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t-M option suppressed.\n");
data/iozone3-489/src/current/iozone.c:2235:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
begin_proc = atoi(optarg);
data/iozone3-489/src/current/iozone.c:2240:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tBinding of processors beginning with %d \n",begin_proc);
data/iozone3-489/src/current/iozone.c:2243:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tProcessor binding not available in this version\n");
data/iozone3-489/src/current/iozone.c:2248:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPurge Mode On\n");
data/iozone3-489/src/current/iozone.c:2263:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tExcel chart generation enabled\n");
data/iozone3-489/src/current/iozone.c:2266:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tSYNC Mode. \n");
data/iozone3-489/src/current/iozone.c:2270:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tOPS Mode. Output is in operations per second.\n");
data/iozone3-489/src/current/iozone.c:2274:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tMicroseconds/op Mode. Output is in microseconds per operation.\n");
data/iozone3-489/src/current/iozone.c:2279:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inp_pat = (char)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2285:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tVerify Mode. Pattern %x\n",pattern);
data/iozone3-489/src/current/iozone.c:2286:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPerformance measurements are invalid in this mode.\n");
data/iozone3-489/src/current/iozone.c:2289:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cache_size = (long)(atoi(optarg)*1024);
data/iozone3-489/src/current/iozone.c:2294:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cache_line_size = (long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2360:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tRecord Size %ld kB\n",reclen/1024);
data/iozone3-489/src/current/iozone.c:2362:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tRecord Size %lld kB\n",reclen/1024);
data/iozone3-489/src/current/iozone.c:2376:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
compute_time = (float)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2385:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stride = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2391:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_child1=(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2424:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
delay_start = (long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2429:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tval=(long long)(atoi(optarg));
data/iozone3-489/src/current/iozone.c:2441:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tSelected test not available on the version.\n");
data/iozone3-489/src/current/iozone.c:2463:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tSetting no_unlink\n");
data/iozone3-489/src/current/iozone.c:2467:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tEnable mmap & file I/O mixing.\n");
data/iozone3-489/src/current/iozone.c:2472:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tLock file when reading/writing.\n");
data/iozone3-489/src/current/iozone.c:2476:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDisrupted read patterns selected.\n");
data/iozone3-489/src/current/iozone.c:2524:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing minimum file size of %ld kilobytes.\n",(long long)minimum_file_size);
data/iozone3-489/src/current/iozone.c:2526:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing minimum file size of %lld kilobytes.\n",(long long)minimum_file_size);
data/iozone3-489/src/current/iozone.c:2547:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing maximum file size of %ld kilobytes.\n",(long long)maximum_file_size);
data/iozone3-489/src/current/iozone.c:2549:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing maximum file size of %lld kilobytes.\n",(long long)maximum_file_size);
data/iozone3-489/src/current/iozone.c:2553:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tCross over of record size disabled.\n");
data/iozone3-489/src/current/iozone.c:2574:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing Minimum Record Size %ld kB\n", min_rec_size/1024LL);
data/iozone3-489/src/current/iozone.c:2576:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing Minimum Record Size %lld kB\n", min_rec_size/1024LL);
data/iozone3-489/src/current/iozone.c:2607:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing Maximum Record Size %ld kB\n", max_rec_size/1024);
data/iozone3-489/src/current/iozone.c:2609:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing Maximum Record Size %lld kB\n", max_rec_size/1024);
data/iozone3-489/src/current/iozone.c:2631:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
zero_pct = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2634:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tZero Percent %d\n ",zero_pct);
data/iozone3-489/src/current/iozone.c:2643:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dedup_granule_size = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2646:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup granule size %d\n",dedup_granule_size);
data/iozone3-489/src/current/iozone.c:2669:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
burst_sleep_duration_msec = atoi(strchr(subarg,',') + 1);
data/iozone3-489/src/current/iozone.c:2703:41: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup+compress enabled\n ");
data/iozone3-489/src/current/iozone.c:2728:40: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(subarg, "r");
data/iozone3-489/src/current/iozone.c:2800:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tNetwork distribution mode enabled.\n");
data/iozone3-489/src/current/iozone.c:2808:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tCPU utilization Resolution = %5.3f seconds.\n",cputime_res);
data/iozone3-489/src/current/iozone.c:2809:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tCPU utilization Excel chart enabled\n");
data/iozone3-489/src/current/iozone.c:2816:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> I/O Diagnostic mode enabled. <<<\n");
data/iozone3-489/src/current/iozone.c:2817:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPerformance measurements are invalid in this mode.\n");
data/iozone3-489/src/current/iozone.c:2828:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
multiplier = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2839:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
controlling_host_port = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2848:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pct_read = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2853:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tPercent read in mix test is %d\n",pct_read);
data/iozone3-489/src/current/iozone.c:2861:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tRead & Write sync mode active.\n");
data/iozone3-489/src/current/iozone.c:2873:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
advise_op=atoi(subarg);
data/iozone3-489/src/current/iozone.c:2874:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tMadvise enabled: %d\n",advise_op);
data/iozone3-489/src/current/iozone.c:2879:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tNo retest option selected\n");
data/iozone3-489/src/current/iozone.c:2891:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rest_val = (long long)atoi(subarg);
data/iozone3-489/src/current/iozone.c:2895:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDelay %d seconds between tests enabled.\n",atoi(subarg));
data/iozone3-489/src/current/iozone.c:2895:82: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sprintf(splash[splash_line++],"\tDelay %d seconds between tests enabled.\n",atoi(subarg));
data/iozone3-489/src/current/iozone.c:2899:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> O_DSYNC mode enabled. <<<\n");
data/iozone3-489/src/current/iozone.c:2904:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> Record locking mode enabled. <<<\n");
data/iozone3-489/src/current/iozone.c:2908:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> Record locking, shared file mode enabled. <<<\n");
data/iozone3-489/src/current/iozone.c:2913:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> Think time is included in throughput cal. <<<\n");
data/iozone3-489/src/current/iozone.c:2917:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> Shared file mode enabled. <<<\n");
data/iozone3-489/src/current/iozone.c:2921:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> Sequential Mixed workload. <<<\n");
data/iozone3-489/src/current/iozone.c:2931:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t>>> No Verify mode. <<<\n");
data/iozone3-489/src/current/iozone.c:2947:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tShort circuit mode. For\n");
data/iozone3-489/src/current/iozone.c:2948:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t filesystem development testing ONLY !\n");
data/iozone3-489/src/current/iozone.c:2958:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUsing old data sets.\n");
data/iozone3-489/src/current/iozone.c:2959:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t Performance measurements may be invalid in this\n");
data/iozone3-489/src/current/iozone.c:2960:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\t mode due to published hack.\n");
data/iozone3-489/src/current/iozone.c:2965:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tUnbuffered Windows API usage. >>> Very Experimental <<<\n");
data/iozone3-489/src/current/iozone.c:2975:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Kplus_readers = (int)atoi(subarg);
data/iozone3-489/src/current/iozone.c:2979:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tManual control of test 8. >>> Very Experimental. Sony special <<<\n");
data/iozone3-489/src/current/iozone.c:2989:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dedup = atoi(subarg);
data/iozone3-489/src/current/iozone.c:2995:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup activated %d percent.\n",dedup);
data/iozone3-489/src/current/iozone.c:3005:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dedup_interior = atoi(subarg);
data/iozone3-489/src/current/iozone.c:3011:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup within & across %d percent.\n",dedup_interior);
data/iozone3-489/src/current/iozone.c:3021:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dedup_compress = atoi(subarg);
data/iozone3-489/src/current/iozone.c:3027:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup within %d percent.\n",dedup_compress);
data/iozone3-489/src/current/iozone.c:3036:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dedup_mseed = atoi(subarg);
data/iozone3-489/src/current/iozone.c:3039:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup manual seed %d .\n",dedup_mseed);
data/iozone3-489/src/current/iozone.c:3048:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chid_skew = atoi(subarg);
data/iozone3-489/src/current/iozone.c:3049:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tDedup chid_skew %d .\n",chid_skew);
data/iozone3-489/src/current/iozone.c:3074:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tHistogram summary enabled.\n");
data/iozone3-489/src/current/iozone.c:3083:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
op_rate = atoi(subarg);
data/iozone3-489/src/current/iozone.c:3087:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(splash[splash_line++],"\tRate control active %d Ops/sec .\n",op_rate);
data/iozone3-489/src/current/iozone.c:4130:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:4381:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:4626:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:4861:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:5101:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:5335:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:5570:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:5800:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:6030:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:6263:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:6498:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:6723:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:6953:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
barray[xx] =(char *)(((long)barray[xx] + cache_size ) &
data/iozone3-489/src/current/iozone.c:7758:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
wqfd=fopen("wol.dat","a");
data/iozone3-489/src/current/iozone.c:7765:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rwqfd=fopen("rwol.dat","a");
data/iozone3-489/src/current/iozone.c:8378:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((stream=(FILE *)fopen(filename,how)) == 0)
data/iozone3-489/src/current/iozone.c:8596:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((stream=(FILE *)fopen(filename,"r")) == 0)
data/iozone3-489/src/current/iozone.c:8826:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rqfd=fopen("rol.dat","a");
data/iozone3-489/src/current/iozone.c:8833:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rrqfd=fopen("rrol.dat","a");
data/iozone3-489/src/current/iozone.c:12625:6: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
tfd=mkstemp(mmapFileName);
data/iozone3-489/src/current/iozone.c:12641:6: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
tfd=mkstemp(mmapFileName);
data/iozone3-489/src/current/iozone.c:12793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/iozone3-489/src/current/iozone.c:12795:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command,"umount ");
data/iozone3-489/src/current/iozone.c:12807:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(command,"mount ");
data/iozone3-489/src/current/iozone.c:12855:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:12859:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:12865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:13117:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_wol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:13118:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_wqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:13131:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:13132:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:13569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:13573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:13579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:13812:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_pwol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:13813:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_wqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:13826:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:13827:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:14209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:14213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:14216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:14412:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_rwol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:14413:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_rwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:14426:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:14427:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:14809:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:14813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:14815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:15001:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_rol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:15002:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_rqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:15015:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:15016:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:15397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:15401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:15402:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:15562:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_prol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:15563:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_rqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:15576:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:15577:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:15925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:15928:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:15932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:16116:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_rrol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:16117:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_rrqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:16130:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:16131:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:16502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:16505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:16509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:16676:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_revol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:16677:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_revqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:16690:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:16691:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:17038:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:17044:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:17045:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:17212:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_strol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:17213:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_strqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:17226:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:17227:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:17650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:17658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:17659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:17894:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_randrol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:17895:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_randrfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:17908:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:17909:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:18277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:18285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:18286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:18556:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_randwol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:18557:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_randwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:18570:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:18571:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:18958:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:19055:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foo[10];
data/iozone3-489/src/current/iozone.c:19061:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(foo,"%x",x);
data/iozone3-489/src/current/iozone.c:19075:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&ts,&p_childids[meme],sizeof(pthread_t));
data/iozone3-489/src/current/iozone.c:19184:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&p_childids[tid],&eek,sizeof(pthread_t));
data/iozone3-489/src/current/iozone.c:19221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char print_str[300];
data/iozone3-489/src/current/iozone.c:19243:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print_str, "Record size = %ld kBytes", (long)(reclen/1024));
data/iozone3-489/src/current/iozone.c:19245:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print_str, "Record size = %lld kBytes", (long long)(reclen/1024));
data/iozone3-489/src/current/iozone.c:19248:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print_str, "Output is in CPU%%");
data/iozone3-489/src/current/iozone.c:19290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char print_str[300];
data/iozone3-489/src/current/iozone.c:19322:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print_str,"Record size = %ld kBytes",(long)(reclen/1024));
data/iozone3-489/src/current/iozone.c:19324:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(print_str,"Record size = %lld kBytes",(long long)(reclen/1024));
data/iozone3-489/src/current/iozone.c:19611:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)src_buffer,(void *)dest_buffer,(size_t)length);
data/iozone3-489/src/current/iozone.c:20201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/iozone3-489/src/current/iozone.c:20202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[200];
data/iozone3-489/src/current/iozone.c:20287:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(read_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:20309:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(write_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:20341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/iozone3-489/src/current/iozone.c:20342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[200];
data/iozone3-489/src/current/iozone.c:20346:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(read_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:20440:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/iozone3-489/src/current/iozone.c:20441:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[200];
data/iozone3-489/src/current/iozone.c:20446:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(write_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:20529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/iozone3-489/src/current/iozone.c:20536:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(read_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:20566:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(write_traj_filename,"r");
data/iozone3-489/src/current/iozone.c:21130:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_client_number,"%d",send_buffer->m_client_number);
data/iozone3-489/src/current/iozone.c:21131:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_client_error,"%d",send_buffer->m_client_error);
data/iozone3-489/src/current/iozone.c:21132:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_child_port,"%d",send_buffer->m_child_port);
data/iozone3-489/src/current/iozone.c:21133:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_child_async_port,"%d",send_buffer->m_child_async_port);
data/iozone3-489/src/current/iozone.c:21134:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_command,"%d",send_buffer->m_command);
data/iozone3-489/src/current/iozone.c:21135:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_testnum,"%d",send_buffer->m_testnum);
data/iozone3-489/src/current/iozone.c:21136:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_version,"%d",send_buffer->m_version);
data/iozone3-489/src/current/iozone.c:21137:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_mygen,"%d",send_buffer->m_mygen);
data/iozone3-489/src/current/iozone.c:21138:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_throughput,"%f",send_buffer->m_throughput);
data/iozone3-489/src/current/iozone.c:21139:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_cputime,"%f", send_buffer->m_cputime);
data/iozone3-489/src/current/iozone.c:21140:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_walltime,"%f",send_buffer->m_walltime);
data/iozone3-489/src/current/iozone.c:21141:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_stop_flag,"%d",send_buffer->m_stop_flag);
data/iozone3-489/src/current/iozone.c:21142:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_actual,"%f",send_buffer->m_actual);
data/iozone3-489/src/current/iozone.c:21144:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_child_flag,"%ld",(long)(send_buffer->m_child_flag));
data/iozone3-489/src/current/iozone.c:21146:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.m_child_flag,"%lld",(long long)(send_buffer->m_child_flag));
data/iozone3-489/src/current/iozone.c:21196:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_oflag,"%d",send_buffer->c_oflag);
data/iozone3-489/src/current/iozone.c:21197:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mfflag,"%d",send_buffer->c_mfflag);
data/iozone3-489/src/current/iozone.c:21198:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_unbuffered,"%d",send_buffer->c_unbuffered);
data/iozone3-489/src/current/iozone.c:21199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_noretest,"%d",send_buffer->c_noretest);
data/iozone3-489/src/current/iozone.c:21200:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_notruncate,"%d",send_buffer->c_notruncate);
data/iozone3-489/src/current/iozone.c:21201:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_read_sync,"%d",send_buffer->c_read_sync);
data/iozone3-489/src/current/iozone.c:21202:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_jflag,"%d",send_buffer->c_jflag);
data/iozone3-489/src/current/iozone.c:21203:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_async_flag,"%d",send_buffer->c_async_flag);
data/iozone3-489/src/current/iozone.c:21204:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mmapflag,"%d",send_buffer->c_mmapflag);
data/iozone3-489/src/current/iozone.c:21205:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_k_flag,"%d",send_buffer->c_k_flag);
data/iozone3-489/src/current/iozone.c:21206:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_h_flag,"%d",send_buffer->c_h_flag);
data/iozone3-489/src/current/iozone.c:21207:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mflag,"%d",send_buffer->c_mflag);
data/iozone3-489/src/current/iozone.c:21208:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_pflag,"%d",send_buffer->c_pflag);
data/iozone3-489/src/current/iozone.c:21209:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_stride_flag,"%d",send_buffer->c_stride_flag);
data/iozone3-489/src/current/iozone.c:21210:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_verify,"%d",send_buffer->c_verify);
data/iozone3-489/src/current/iozone.c:21211:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_sverify,"%d",send_buffer->c_sverify);
data/iozone3-489/src/current/iozone.c:21212:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_odsync,"%d",send_buffer->c_odsync);
data/iozone3-489/src/current/iozone.c:21213:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_diag_v,"%d",send_buffer->c_diag_v);
data/iozone3-489/src/current/iozone.c:21214:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_zero_pct,"%d",send_buffer->c_zero_pct);
data/iozone3-489/src/current/iozone.c:21215:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_N_special,"%d",send_buffer->c_N_special);
data/iozone3-489/src/current/iozone.c:21216:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_granule_size,"%d",send_buffer->c_dedup_granule_size);
data/iozone3-489/src/current/iozone.c:21217:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup,"%d",send_buffer->c_dedup);
data/iozone3-489/src/current/iozone.c:21218:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_flag,"%d",send_buffer->c_dedup_flag);
data/iozone3-489/src/current/iozone.c:21219:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_iflag,"%d",send_buffer->c_dedup_iflag);
data/iozone3-489/src/current/iozone.c:21220:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_bflag,"%d",send_buffer->c_dedup_bflag);
data/iozone3-489/src/current/iozone.c:21221:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_interior,"%d",send_buffer->c_dedup_interior);
data/iozone3-489/src/current/iozone.c:21222:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_compress,"%d",send_buffer->c_dedup_compress);
data/iozone3-489/src/current/iozone.c:21223:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_dedup_mseed,"%d",send_buffer->c_dedup_mseed);
data/iozone3-489/src/current/iozone.c:21224:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_chid_skew,"%d",send_buffer->c_chid_skew);
data/iozone3-489/src/current/iozone.c:21225:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_hist_summary,"%d",send_buffer->c_hist_summary);
data/iozone3-489/src/current/iozone.c:21226:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_op_rate,"%d",send_buffer->c_op_rate);
data/iozone3-489/src/current/iozone.c:21227:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_op_rate_flag,"%d",send_buffer->c_op_rate_flag);
data/iozone3-489/src/current/iozone.c:21228:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_Q_flag,"%d",send_buffer->c_Q_flag);
data/iozone3-489/src/current/iozone.c:21229:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_inc_think,"%d",send_buffer->c_inc_think);
data/iozone3-489/src/current/iozone.c:21230:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_L_flag,"%d",send_buffer->c_L_flag);
data/iozone3-489/src/current/iozone.c:21231:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_include_flush,"%d",send_buffer->c_include_flush);
data/iozone3-489/src/current/iozone.c:21232:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_OPS_flag,"%d",send_buffer->c_OPS_flag);
data/iozone3-489/src/current/iozone.c:21233:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mmapnsflag,"%d",send_buffer->c_mmapnsflag);
data/iozone3-489/src/current/iozone.c:21234:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mmapssflag,"%d",send_buffer->c_mmapssflag);
data/iozone3-489/src/current/iozone.c:21235:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mmapasflag,"%d",send_buffer->c_mmapasflag);
data/iozone3-489/src/current/iozone.c:21236:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_no_copy_flag,"%d",send_buffer->c_no_copy_flag);
data/iozone3-489/src/current/iozone.c:21237:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_include_close,"%d",send_buffer->c_include_close);
data/iozone3-489/src/current/iozone.c:21238:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_disrupt_flag,"%d",send_buffer->c_disrupt_flag);
data/iozone3-489/src/current/iozone.c:21239:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_compute_flag,"%d",send_buffer->c_compute_flag);
data/iozone3-489/src/current/iozone.c:21240:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_xflag,"%d",send_buffer->c_xflag);
data/iozone3-489/src/current/iozone.c:21241:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_MS_flag,"%d",send_buffer->c_MS_flag);
data/iozone3-489/src/current/iozone.c:21242:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mmap_mix,"%d",send_buffer->c_mmap_mix);
data/iozone3-489/src/current/iozone.c:21243:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_Kplus_flag,"%d",send_buffer->c_Kplus_flag);
data/iozone3-489/src/current/iozone.c:21244:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_w_traj_flag,"%d",send_buffer->c_w_traj_flag);
data/iozone3-489/src/current/iozone.c:21245:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_r_traj_flag,"%d",send_buffer->c_r_traj_flag);
data/iozone3-489/src/current/iozone.c:21246:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_direct_flag,"%d",send_buffer->c_direct_flag);
data/iozone3-489/src/current/iozone.c:21247:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_cpuutilflag,"%d",send_buffer->c_cpuutilflag);
data/iozone3-489/src/current/iozone.c:21248:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_seq_mix,"%d",send_buffer->c_seq_mix);
data/iozone3-489/src/current/iozone.c:21249:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_del_flag,"%d",send_buffer->c_del_flag);
data/iozone3-489/src/current/iozone.c:21250:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_client_number,"%d",send_buffer->c_client_number);
data/iozone3-489/src/current/iozone.c:21251:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_command,"%d",send_buffer->c_command);
data/iozone3-489/src/current/iozone.c:21252:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_testnum,"%d",send_buffer->c_testnum);
data/iozone3-489/src/current/iozone.c:21253:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_no_unlink,"%d",send_buffer->c_no_unlink);
data/iozone3-489/src/current/iozone.c:21254:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_no_write,"%d",send_buffer->c_no_write);
data/iozone3-489/src/current/iozone.c:21255:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_file_lock,"%d",send_buffer->c_file_lock);
data/iozone3-489/src/current/iozone.c:21256:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_rec_lock,"%d",send_buffer->c_rec_lock);
data/iozone3-489/src/current/iozone.c:21257:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_Kplus_readers,"%d",send_buffer->c_Kplus_readers);
data/iozone3-489/src/current/iozone.c:21258:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_multiplier,"%d",send_buffer->c_multiplier);
data/iozone3-489/src/current/iozone.c:21259:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_share_file,"%d",send_buffer->c_share_file);
data/iozone3-489/src/current/iozone.c:21260:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_pattern,"%d",send_buffer->c_pattern);
data/iozone3-489/src/current/iozone.c:21261:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_version,"%d",send_buffer->c_version);
data/iozone3-489/src/current/iozone.c:21262:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_base_time,"%d",send_buffer->c_base_time);
data/iozone3-489/src/current/iozone.c:21263:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_num_child,"%d",send_buffer->c_num_child);
data/iozone3-489/src/current/iozone.c:21264:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_pct_read,"%d",send_buffer->c_pct_read);
data/iozone3-489/src/current/iozone.c:21265:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_advise_op,"%d",send_buffer->c_advise_op);
data/iozone3-489/src/current/iozone.c:21266:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_advise_flag,"%d",send_buffer->c_advise_flag);
data/iozone3-489/src/current/iozone.c:21267:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_restf,"%d",send_buffer->c_restf);
data/iozone3-489/src/current/iozone.c:21268:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_mygen,"%d",send_buffer->c_mygen);
data/iozone3-489/src/current/iozone.c:21271:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_rest_val,"%ld",(long)(send_buffer->c_rest_val));
data/iozone3-489/src/current/iozone.c:21272:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_delay,"%ld",(long)(send_buffer->c_delay));
data/iozone3-489/src/current/iozone.c:21273:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_purge,"%ld",(long)(send_buffer->c_purge));
data/iozone3-489/src/current/iozone.c:21274:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_fetchon,"%ld",(long)(send_buffer->c_fetchon));
data/iozone3-489/src/current/iozone.c:21275:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_numrecs64,"%ld",(long)(send_buffer->c_numrecs64));
data/iozone3-489/src/current/iozone.c:21276:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_reclen,"%ld",(long)(send_buffer->c_reclen));
data/iozone3-489/src/current/iozone.c:21277:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_child_flag,"%ld",(long)(send_buffer->c_child_flag));
data/iozone3-489/src/current/iozone.c:21278:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_delay_start,"%ld",(long)(send_buffer->c_delay_start));
data/iozone3-489/src/current/iozone.c:21279:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_depth,"%ld",(long)(send_buffer->c_depth));
data/iozone3-489/src/current/iozone.c:21281:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_delay,"%lld",(long long)(send_buffer->c_delay));
data/iozone3-489/src/current/iozone.c:21282:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_stride,"%lld",(long long)(send_buffer->c_stride));
data/iozone3-489/src/current/iozone.c:21283:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_rest_val,"%lld",(long long)(send_buffer->c_rest_val));
data/iozone3-489/src/current/iozone.c:21284:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_purge,"%lld",(long long)(send_buffer->c_purge));
data/iozone3-489/src/current/iozone.c:21285:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_fetchon,"%lld",(long long)(send_buffer->c_fetchon));
data/iozone3-489/src/current/iozone.c:21286:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_numrecs64,"%lld",(long long)(send_buffer->c_numrecs64));
data/iozone3-489/src/current/iozone.c:21287:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_reclen,"%lld",(long long)(send_buffer->c_reclen));
data/iozone3-489/src/current/iozone.c:21288:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_child_flag,"%lld",(long long)(send_buffer->c_child_flag));
data/iozone3-489/src/current/iozone.c:21289:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_delay_start,"%lld",(long long)(send_buffer->c_delay_start));
data/iozone3-489/src/current/iozone.c:21290:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_depth,"%lld",(long long)(send_buffer->c_depth));
data/iozone3-489/src/current/iozone.c:21292:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_stop_flag,"%d",send_buffer->c_stop_flag);
data/iozone3-489/src/current/iozone.c:21293:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf.c_compute_time,"%f",send_buffer->c_compute_time);
data/iozone3-489/src/current/iozone.c:21954:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[512];
data/iozone3-489/src/current/iozone.c:21956:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char my_port_num[12];
data/iozone3-489/src/current/iozone.c:21972:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command," -n '");
data/iozone3-489/src/current/iozone.c:21974:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command," -+s -t 1 -r 4 -s 4 -+c ");
data/iozone3-489/src/current/iozone.c:21978:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(my_port_num," -+i %d",master_listen_port);
data/iozone3-489/src/current/iozone.c:21981:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(command," '");
data/iozone3-489/src/current/iozone.c:22197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[100];
data/iozone3-489/src/current/iozone.c:23069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[800];
data/iozone3-489/src/current/iozone.c:23071:5: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=fopen(client_filename,"r");
data/iozone3-489/src/current/iozone.c:23155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile[MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:23370:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(shell,"remsh");
data/iozone3-489/src/current/iozone.c:23372:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(shell,"rsh");
data/iozone3-489/src/current/iozone.c:23448:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp_command[1024];
data/iozone3-489/src/current/iozone.c:23449:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp_remote_shell[100];
data/iozone3-489/src/current/iozone.c:23460:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp_remote_host[256];
data/iozone3-489/src/current/iozone.c:23461:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp_master_host[256];
data/iozone3-489/src/current/iozone.c:23462:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp_location[256];
data/iozone3-489/src/current/iozone.c:23564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mybuf[1024];
data/iozone3-489/src/current/iozone.c:23598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mybuf[1024];
data/iozone3-489/src/current/iozone.c:23599:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(mybuf,"%d %f",count, throughput);
data/iozone3-489/src/current/iozone.c:24248:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cp[100],*ptr;
data/iozone3-489/src/current/iozone.c:24342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[256];
data/iozone3-489/src/current/iozone.c:24360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[256];
data/iozone3-489/src/current/iozone.c:24946:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bfr[ MAXBFRSIZE+1 ];
data/iozone3-489/src/current/iozone.c:25052:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/iozone3-489/src/current/iozone.c:25056:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name,"a");
data/iozone3-489/src/current/iozone.c:25206:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:25210:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:25216:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:25340:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((stream=(FILE *)fopen(filename,how)) == 0)
data/iozone3-489/src/current/iozone.c:25415:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_fwol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:25416:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_wqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:25429:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:25430:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:25678:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dummyfile [MAXSTREAMS]; /* name of dummy file */
data/iozone3-489/src/current/iozone.c:25682:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char now_string[30];
data/iozone3-489/src/current/iozone.c:25688:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpname[256];
data/iozone3-489/src/current/iozone.c:25792:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((stream=(FILE *)fopen(filename,"r")) == 0)
data/iozone3-489/src/current/iozone.c:25861:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d_frol.dat",(int)xx);
data/iozone3-489/src/current/iozone.c:25862:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_wqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/iozone.c:25875:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpname,"Child_%d.log",(int)xx);
data/iozone3-489/src/current/iozone.c:25876:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
thread_Lwqfd=fopen(tmpname,"a");
data/iozone3-489/src/current/libbif.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_array[256];
data/iozone3-489/src/current/libbif.c:212:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_BINARY|O_CREAT|O_RDWR,0666);
data/iozone3-489/src/current/libbif.c:214:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd=open(name,O_CREAT|O_RDWR,0666);
data/iozone3-489/src/current/pit_server.c:69:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int openSckt( const char *service,
data/iozone3-489/src/current/pit_server.c:70:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *protocol,
data/iozone3-489/src/current/pit_server.c:80:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostBfr[ NI_MAXHOST ]; /* For use w/getnameinfo(3). */
data/iozone3-489/src/current/pit_server.c:82:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char servBfr[ NI_MAXSERV ]; /* For use w/getnameinfo(3). */
data/iozone3-489/src/current/pit_server.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeStr[40]; /* String for time in microseconds */
data/iozone3-489/src/current/pit_server.c:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service_name[20];
data/iozone3-489/src/current/pit_server.c:130:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[ ] )
data/iozone3-489/src/current/pit_server.c:231:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int openSckt( const char *service,
data/iozone3-489/src/current/pit_server.c:232:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *protocol,
data/iozone3-489/src/current/pit_server.c:494:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bfr[ 256 ];
data/iozone3-489/src/current/pit_server.c:574:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ret = sprintf(timeStr,"%llu",secs);
data/iozone3-489/src/current/fileop.c:189:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirlen=strlen(optarg);
data/iozone3-489/src/current/fileop.c:192:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(thedir, optarg, dirlen);
data/iozone3-489/src/current/fileop.c:210:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/fileop.c:211:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/fileop.c:214:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/fileop.c:215:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/fileop.c:1243:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
y=read(fd,mbuffer,sz);
data/iozone3-489/src/current/iozone.c:1486:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
write rewrite read reread read write read rewrite read fwrite frewrite fread freread pwv prwv prv prrv
data/iozone3-489/src/current/iozone.c:1486:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
write rewrite read reread read write read rewrite read fwrite frewrite fread freread pwv prwv prv prrv
data/iozone3-489/src/current/iozone.c:1486:71: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
write rewrite read reread read write read rewrite read fwrite frewrite fread freread pwv prwv prv prrv
data/iozone3-489/src/current/iozone.c:1486:91: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
write rewrite read reread read write read rewrite read fwrite frewrite fread freread pwv prwv prv prrv
data/iozone3-489/src/current/iozone.c:2127:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2128:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2131:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2132:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2135:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2136:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2341:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2342:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2345:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2346:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2349:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2350:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2447:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(ind=0; strlen(head1[ind]); ind++)
data/iozone3-489/src/current/iozone.c:2507:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2508:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2511:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2512:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2515:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2516:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2532:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2533:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2536:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2537:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2540:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2541:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2559:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2560:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2563:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2564:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2567:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2568:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2582:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2583:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2586:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2587:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2590:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(optarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2591:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
optarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2680:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(subarg[strlen(subarg)-1]=='k' ||
data/iozone3-489/src/current/iozone.c:2681:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subarg[strlen(subarg)-1]=='K'){
data/iozone3-489/src/current/iozone.c:2684:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(subarg[strlen(subarg)-1]=='m' ||
data/iozone3-489/src/current/iozone.c:2685:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subarg[strlen(subarg)-1]=='M'){
data/iozone3-489/src/current/iozone.c:2688:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(subarg[strlen(optarg)-1]=='g' ||
data/iozone3-489/src/current/iozone.c:2689:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subarg[strlen(optarg)-1]=='G'){
data/iozone3-489/src/current/iozone.c:2696:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(subarg + strlen(subarg)) = ','; /* so it will be printed when dumping the argsuments */
data/iozone3-489/src/current/iozone.c:2735:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(lbuffer) > 0)
data/iozone3-489/src/current/iozone.c:2738:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(lbuffer[strlen(lbuffer)-1] == '\n')
data/iozone3-489/src/current/iozone.c:2739:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lbuffer[strlen(lbuffer)-1] = 0;
data/iozone3-489/src/current/iozone.c:3554:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len + strlen(argv[ix])) < sizeof(command_line)) {
data/iozone3-489/src/current/iozone.c:3556:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (command_line, " ");
data/iozone3-489/src/current/iozone.c:3557:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(argv[ix]) + 1;
data/iozone3-489/src/current/iozone.c:3721:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=0; strlen(help[i]); i++)
data/iozone3-489/src/current/iozone.c:8935:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read(fd, (void *)nbuff, (size_t) reclen) != reclen)
data/iozone3-489/src/current/iozone.c:9051:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wval=read((int)fd, (void*)nbuff, (size_t) reclen);
data/iozone3-489/src/current/iozone.c:9530:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read(fd, (void *)nbuff, (size_t)reclen) != reclen)
data/iozone3-489/src/current/iozone.c:9972:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read((int)fd, (void*)nbuff, (size_t) reclen) != reclen)
data/iozone3-489/src/current/iozone.c:10576:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if((uu=read((int)fd, (void*)nbuff, (size_t) reclen)) != reclen)
data/iozone3-489/src/current/iozone.c:15137:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wval=read((int)fd, (void*)nbuff, (size_t) reclen);
data/iozone3-489/src/current/iozone.c:16250:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
wval=read((int)fd, (void*)nbuff, (size_t) reclen);
data/iozone3-489/src/current/iozone.c:16802:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read((int)fd, (void*)nbuff, (size_t) reclen) != reclen)
data/iozone3-489/src/current/iozone.c:17312:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read((int)fd, (void*)nbuff, (size_t) reclen) != reclen)
data/iozone3-489/src/current/iozone.c:18035:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read((int)fd, (void*)nbuff, (size_t)reclen) != reclen)
data/iozone3-489/src/current/iozone.c:19694:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usecs); /* sleep for big chunk of time */
data/iozone3-489/src/current/iozone.c:20102:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
junk=read(fd,nbuff,page_size);
data/iozone3-489/src/current/iozone.c:20104:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
junk=read(fd,nbuff,1);
data/iozone3-489/src/current/iozone.c:20111:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
junk=read(fd,nbuff,page_size);
data/iozone3-489/src/current/iozone.c:20113:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
junk=read(fd,nbuff,1);
data/iozone3-489/src/current/iozone.c:21000:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret=read(ns,mnc,tsize);
data/iozone3-489/src/current/iozone.c:21535:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc=read(s,cnc,size_of_message);
data/iozone3-489/src/current/iozone.c:21656:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc=read(s,cnc,size_of_message);
data/iozone3-489/src/current/iozone.c:21982:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000); /* Don't spawn rsh too fast... */
data/iozone3-489/src/current/iozone.c:23571:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
xx=read(tcfd,&mybuf[sp_offset],1024);
data/iozone3-489/src/current/iozone.c:23856:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
y=read(sp_crfd,&sp_buf[offset],sp_msize-offset);
data/iozone3-489/src/current/iozone.c:23956:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
y=read(sp_mrfd,&sp_buf[sp_offset],sp_msize-sp_offset);
data/iozone3-489/src/current/iozone.c:24256:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x=strlen(THISVERSION);
data/iozone3-489/src/current/iozone.c:24317:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(name)==0)
data/iozone3-489/src/current/iozone.c:24343:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(imon_start)!=0)
data/iozone3-489/src/current/iozone.c:24361:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(imon_stop)!=0)
data/iozone3-489/src/current/iozone.c:24957:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inBytes = read( sckt, bfr, MAXBFRSIZE );
data/iozone3-489/src/current/libbif.c:386:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(string);
data/iozone3-489/src/current/libbif.c:401:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(string);
data/iozone3-489/src/current/pit_server.c:575:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
timeLen = strlen( timeStr );
ANALYSIS SUMMARY:
Hits = 967
Lines analyzed = 30236 in approximately 0.88 seconds (34394 lines/second)
Physical Source Lines of Code (SLOC) = 26548
Hits@level = [0] 1615 [1] 92 [2] 633 [3] 51 [4] 190 [5] 1
Hits@level+ = [0+] 2582 [1+] 967 [2+] 875 [3+] 242 [4+] 191 [5+] 1
Hits/KSLOC@level+ = [0+] 97.2578 [1+] 36.4246 [2+] 32.9592 [3+] 9.11556 [4+] 7.19452 [5+] 0.0376676
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.