Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/jfsutils-1.1.15/fsck/dirindex.c
Examining data/jfsutils-1.1.15/fsck/fsck_message.c
Examining data/jfsutils-1.1.15/fsck/fsckbmap.c
Examining data/jfsutils-1.1.15/fsck/fsckconn.c
Examining data/jfsutils-1.1.15/fsck/fsckdire.c
Examining data/jfsutils-1.1.15/fsck/fsckdtre.c
Examining data/jfsutils-1.1.15/fsck/fsckea.c
Examining data/jfsutils-1.1.15/fsck/fsckimap.c
Examining data/jfsutils-1.1.15/fsck/fsckino.c
Examining data/jfsutils-1.1.15/fsck/fsckmeta.c
Examining data/jfsutils-1.1.15/fsck/fsckpfs.c
Examining data/jfsutils-1.1.15/fsck/fsckpfs.h
Examining data/jfsutils-1.1.15/fsck/fsckruns.c
Examining data/jfsutils-1.1.15/fsck/fsckwsp.c
Examining data/jfsutils-1.1.15/fsck/fsckxtre.c
Examining data/jfsutils-1.1.15/fsck/xchkdsk.c
Examining data/jfsutils-1.1.15/fsck/xchkdsk.h
Examining data/jfsutils-1.1.15/fsck/xfsck.h
Examining data/jfsutils-1.1.15/fsck/xfsckint.h
Examining data/jfsutils-1.1.15/fscklog/jfs_fscklog.h
Examining data/jfsutils-1.1.15/fscklog/extract.c
Examining data/jfsutils-1.1.15/fscklog/fscklog.c
Examining data/jfsutils-1.1.15/fscklog/display.c
Examining data/jfsutils-1.1.15/include/jfs_btree.h
Examining data/jfsutils-1.1.15/include/jfs_byteorder.h
Examining data/jfsutils-1.1.15/include/jfs_dinode.h
Examining data/jfsutils-1.1.15/include/jfs_dmap.h
Examining data/jfsutils-1.1.15/include/jfs_dtree.h
Examining data/jfsutils-1.1.15/include/jfs_filsys.h
Examining data/jfsutils-1.1.15/include/jfs_imap.h
Examining data/jfsutils-1.1.15/include/jfs_logmgr.h
Examining data/jfsutils-1.1.15/include/jfs_superblock.h
Examining data/jfsutils-1.1.15/include/jfs_types.h
Examining data/jfsutils-1.1.15/include/jfs_unicode.h
Examining data/jfsutils-1.1.15/include/jfs_version.h
Examining data/jfsutils-1.1.15/include/jfs_xtree.h
Examining data/jfsutils-1.1.15/libfs/debug.h
Examining data/jfsutils-1.1.15/libfs/devices.h
Examining data/jfsutils-1.1.15/libfs/diskmap.c
Examining data/jfsutils-1.1.15/libfs/diskmap.h
Examining data/jfsutils-1.1.15/libfs/fsck_base.h
Examining data/jfsutils-1.1.15/libfs/fsck_message.h
Examining data/jfsutils-1.1.15/libfs/fsckcbbl.h
Examining data/jfsutils-1.1.15/libfs/fscklog.h
Examining data/jfsutils-1.1.15/libfs/fsckmsgdef.c
Examining data/jfsutils-1.1.15/libfs/fsckwsp.h
Examining data/jfsutils-1.1.15/libfs/fssubs.c
Examining data/jfsutils-1.1.15/libfs/inode.c
Examining data/jfsutils-1.1.15/libfs/inode.h
Examining data/jfsutils-1.1.15/libfs/jfs_endian.c
Examining data/jfsutils-1.1.15/libfs/jfs_endian.h
Examining data/jfsutils-1.1.15/libfs/libjufs.h
Examining data/jfsutils-1.1.15/libfs/log_dump.c
Examining data/jfsutils-1.1.15/libfs/log_map.c
Examining data/jfsutils-1.1.15/libfs/log_read.c
Examining data/jfsutils-1.1.15/libfs/logform.c
Examining data/jfsutils-1.1.15/libfs/logform.h
Examining data/jfsutils-1.1.15/libfs/logredo.h
Examining data/jfsutils-1.1.15/libfs/message.c
Examining data/jfsutils-1.1.15/libfs/message.h
Examining data/jfsutils-1.1.15/libfs/open_by_label.c
Examining data/jfsutils-1.1.15/libfs/super.c
Examining data/jfsutils-1.1.15/libfs/super.h
Examining data/jfsutils-1.1.15/libfs/unicode_to_utf8.c
Examining data/jfsutils-1.1.15/libfs/unicode_to_utf8.h
Examining data/jfsutils-1.1.15/libfs/uniupr.c
Examining data/jfsutils-1.1.15/libfs/utilsubs.c
Examining data/jfsutils-1.1.15/libfs/utilsubs.h
Examining data/jfsutils-1.1.15/libfs/log_work.c
Examining data/jfsutils-1.1.15/libfs/devices.c
Examining data/jfsutils-1.1.15/libfs/logredo.c
Examining data/jfsutils-1.1.15/logdump/logdump.c
Examining data/jfsutils-1.1.15/logdump/helpers.c
Examining data/jfsutils-1.1.15/mkfs/initmap.c
Examining data/jfsutils-1.1.15/mkfs/initmap.h
Examining data/jfsutils-1.1.15/mkfs/inodemap.c
Examining data/jfsutils-1.1.15/mkfs/inodemap.h
Examining data/jfsutils-1.1.15/mkfs/inodes.c
Examining data/jfsutils-1.1.15/mkfs/inodes.h
Examining data/jfsutils-1.1.15/mkfs/mkfs.c
Examining data/jfsutils-1.1.15/tune/super.c
Examining data/jfsutils-1.1.15/tune/tune.c
Examining data/jfsutils-1.1.15/xpeek/alter.c
Examining data/jfsutils-1.1.15/xpeek/directory.c
Examining data/jfsutils-1.1.15/xpeek/display.c
Examining data/jfsutils-1.1.15/xpeek/dmap.c
Examining data/jfsutils-1.1.15/xpeek/fsckcbbl.c
Examining data/jfsutils-1.1.15/xpeek/help.c
Examining data/jfsutils-1.1.15/xpeek/iag.c
Examining data/jfsutils-1.1.15/xpeek/inode.c
Examining data/jfsutils-1.1.15/xpeek/io.c
Examining data/jfsutils-1.1.15/xpeek/super.c
Examining data/jfsutils-1.1.15/xpeek/super2.c
Examining data/jfsutils-1.1.15/xpeek/ui.c
Examining data/jfsutils-1.1.15/xpeek/xpeek.c
Examining data/jfsutils-1.1.15/xpeek/xpeek.h
FINAL RESULTS:
data/jfsutils-1.1.15/fsck/fsck_message.c:99:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg_string, sizeof(msg_string), message->msg_txt, args);
data/jfsutils-1.1.15/fsck/fsck_message.c:102:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(debug_detail, " [%s:%d]\n", basename(file_name), line_number);
data/jfsutils-1.1.15/fsck/fsckdtre.c:3906:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ino_name, "%s%06d%s",
data/jfsutils-1.1.15/fsck/fsckdtre.c:3911:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ino_name, "%s%06d%s",
data/jfsutils-1.1.15/fscklog/extract.c:659:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg, msg_txt);
data/jfsutils-1.1.15/fscklog/fscklog.c:250:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg_string, sizeof(msg_string), message->msg_txt, args);
data/jfsutils-1.1.15/fscklog/fscklog.c:253:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(debug_detail, " [%s:%d]\n", basename(file_name), line_number);
data/jfsutils-1.1.15/libfs/debug.h:25:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DBG_TRACE(a) {printf a; fflush(stdout);}
data/jfsutils-1.1.15/libfs/debug.h:31:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DBG_IO(a) {printf a; fflush(stderr);}
data/jfsutils-1.1.15/libfs/debug.h:37:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DBG_ERROR(a) {printf a; fflush(stdout);}
data/jfsutils-1.1.15/libfs/open_by_label.c:129:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, lv_ent->d_name);
data/jfsutils-1.1.15/libfs/open_by_label.c:191:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(line, " %*d %*d %*d %*s %*s %s", device)
data/jfsutils-1.1.15/libfs/open_by_label.c:198:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, device);
data/jfsutils-1.1.15/libfs/open_by_label.c:217:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, device);
data/jfsutils-1.1.15/libfs/open_by_label.c:232:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(line, "%s : active %1s", part_name, tmp) != 2)
data/jfsutils-1.1.15/libfs/open_by_label.c:235:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(device, "/dev/%s", part_name);
data/jfsutils-1.1.15/libfs/open_by_label.c:240:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, device);
data/jfsutils-1.1.15/libfs/open_by_label.c:253:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(line, " %*d %*d %d %s", &size, part_name) != 2)
data/jfsutils-1.1.15/libfs/open_by_label.c:257:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(device, "/dev/%s", part_name);
data/jfsutils-1.1.15/libfs/open_by_label.c:262:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, device);
data/jfsutils-1.1.15/libfs/open_by_label.c:276:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lv_dirname, "/proc/lvm/VGs/%s/LVs", vg_ent->d_name);
data/jfsutils-1.1.15/libfs/open_by_label.c:284:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(device, "/dev/%s/%s", vg_ent->d_name, lv_ent->d_name);
data/jfsutils-1.1.15/libfs/open_by_label.c:289:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dev, device);
data/jfsutils-1.1.15/logdump/helpers.c:93:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg_string, sizeof(msg_string), message->msg_txt, args);
data/jfsutils-1.1.15/logdump/helpers.c:96:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(debug_detail, " [%s:%d]\n", file_name, line_number);
data/jfsutils-1.1.15/mkfs/mkfs.c:618:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(journal_device, ((char *) opts + 7));
data/jfsutils-1.1.15/mkfs/mkfs.c:713:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logdev, optarg);
data/jfsutils-1.1.15/mkfs/mkfs.c:776:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logdev, argv[optind]);
data/jfsutils-1.1.15/mkfs/mkfs.c:882:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgstr, MINJFSTEXT);
data/jfsutils-1.1.15/mkfs/mkfs.c:903:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msgstr, MINJFSTEXT);
data/jfsutils-1.1.15/tune/tune.c:95:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logdev, ((char *) opts + 7));
data/jfsutils-1.1.15/fsck/xchkdsk.c:1683:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, short_opts, long_opts, NULL))
data/jfsutils-1.1.15/fscklog/fscklog.c:173:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "de:f:pV")) != EOF) {
data/jfsutils-1.1.15/mkfs/mkfs.c:695:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "cj:J:fL:Oqs:V")) != EOF) {
data/jfsutils-1.1.15/tune/tune.c:133:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "J:lL:U:V")) != EOF) {
data/jfsutils-1.1.15/fsck/fsck_message.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_entry[max_log_entry_length];
data/jfsutils-1.1.15/fsck/fsck_message.c:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) buf_entry_ptr, (void *) hdptr, entry_length);
data/jfsutils-1.1.15/fsck/fsck_message.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_string[max_log_entry_length - 4];
data/jfsutils-1.1.15/fsck/fsck_message.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debug_detail[100];
data/jfsutils-1.1.15/fsck/fsckbmap.c:883:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->eyecatcher), (void *) "bmaprecd", 8);
data/jfsutils-1.1.15/fsck/fsckbmap.c:884:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->bmpctlinf_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckbmap.c:886:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->AGinf_eyecatcher), (void *) "AG info ",
data/jfsutils-1.1.15/fsck/fsckbmap.c:888:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->dmapinf_eyecatcher), (void *) "dmapinfo",
data/jfsutils-1.1.15/fsck/fsckbmap.c:890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->L0inf_eyecatcher), (void *) "L0 info ",
data/jfsutils-1.1.15/fsck/fsckbmap.c:892:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->L1inf_eyecatcher), (void *) "L1 info ",
data/jfsutils-1.1.15/fsck/fsckbmap.c:894:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(bmap_recptr->L2inf_eyecatcher), (void *) "L2 info ",
data/jfsutils-1.1.15/fsck/fsckdire.c:175:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/jfsutils-1.1.15/fsck/fsckdire.c:175:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/jfsutils-1.1.15/fsck/fsckdire.c:1051:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(sp->header.stbl, stbl, sp->header.nextindex);
data/jfsutils-1.1.15/fsck/fsckdire.c:1055:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&sp->slot[1], &rp->slot[1], IDATASIZE);
data/jfsutils-1.1.15/fsck/fsckdire.c:1942:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(slh, dlh, 6 + len * 2);
data/jfsutils-1.1.15/fsck/fsckdire.c:1958:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(sih, dih, 10 + len * 2);
data/jfsutils-1.1.15/fsck/fsckdtre.c:480:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(found_name[*found_name_length]),
data/jfsutils-1.1.15/fsck/fsckdtre.c:506:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(found_name[*found_name_length]),
data/jfsutils-1.1.15/fsck/fsckdtre.c:1490:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(key_space[*key_length]),
data/jfsutils-1.1.15/fsck/fsckdtre.c:1611:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(key_space[*key_length]),
data/jfsutils-1.1.15/fsck/fsckdtre.c:1747:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(key_space[*key_length]),
data/jfsutils-1.1.15/fsck/fsckdtre.c:2384:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)
data/jfsutils-1.1.15/fsck/fsckdtre.c:2449:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_parm[MAXPARMLEN];
data/jfsutils-1.1.15/fsck/fsckdtre.c:3875:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inoname[16];
data/jfsutils-1.1.15/fsck/fsckimap.c:760:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) target_bufptr, (void *) source_bufptr, bytes_wanted);
data/jfsutils-1.1.15/fsck/fsckimap.c:762:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(target_iagptr->inoext[0]),
data/jfsutils-1.1.15/fsck/fsckimap.c:946:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) target_inoptr, (void *) source_inoptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:950:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(target_inoptr->di_ixpxd),
data/jfsutils-1.1.15/fsck/fsckimap.c:1016:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) primary_bufptr, (void *) agg_recptr->ino_buf_ptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) source_bufptr, (void *) agg_recptr->ino_buf_ptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) source_bufptr, (void *) agg_recptr->ino_buf_ptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1799:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) primary_nodeptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1803:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) primary_nodeptr, (void *) leaf_node,
data/jfsutils-1.1.15/fsck/fsckimap.c:1820:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) secondary_nodeptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1824:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) secondary_nodeptr, (void *) leaf_node,
data/jfsutils-1.1.15/fsck/fsckimap.c:1966:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) source_nodeptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1972:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) source_nodeptr,
data/jfsutils-1.1.15/fsck/fsckimap.c:1995:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(target_inoptr->di_btroot),
data/jfsutils-1.1.15/fsck/fsckimap.c:2073:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagiptr->iagptr->pmap[0]),
data/jfsutils-1.1.15/fsck/fsckimap.c:2075:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagiptr->iagptr->wmap[0]),
data/jfsutils-1.1.15/fsck/fsckimap.c:2080:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagiptr->iagptr->extsmap[0]),
data/jfsutils-1.1.15/fsck/fsckimap.c:2082:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagiptr->iagptr->inosmap[0]),
data/jfsutils-1.1.15/fsck/fsckimap.c:4022:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&newpage->xad[XTENTRYSTART], &rootpage->xad[XTENTRYSTART],
data/jfsutils-1.1.15/fsck/fsckino.c:744:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) path_ptr, (void *) &Str_Name, Str_Name_len);
data/jfsutils-1.1.15/fsck/fsckino.c:1890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->this_inode.eyecatcher),
data/jfsutils-1.1.15/fsck/fsckmeta.c:3505:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->this_inode.eyecatcher),
data/jfsutils-1.1.15/fsck/fsckmeta.c:3687:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(inoptr->di_ixpxd),
data/jfsutils-1.1.15/fsck/fsckmeta.c:3774:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->this_inode.eyecatcher),
data/jfsutils-1.1.15/fsck/fsckpfs.c:1770:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) (agg_recptr->mapleaf_buf_ptr),
data/jfsutils-1.1.15/fsck/fsckpfs.c:2327:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(agg_recptr->ino_ixpxd),
data/jfsutils-1.1.15/fsck/fsckpfs.c:2423:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->ino_ixpxd),
data/jfsutils-1.1.15/fsck/fsckpfs.c:2549:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(agg_recptr->ino_ixpxd),
data/jfsutils-1.1.15/fsck/fsckpfs.c:3196:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Dev_IOPort = fopen(Device, "r");
data/jfsutils-1.1.15/fsck/fsckpfs.c:3230:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Dev_IOPort = fopen(Device, "r+");
data/jfsutils-1.1.15/fsck/fsckwsp.c:1044:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->AIT_ext0_tbl->eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:1202:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(IAGtbl->eyecatcher), (void *) "FSAITIAG", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:1210:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(inoexttbl->eyecatcher), (void *)"FSAITEXT", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:1216:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(inotbl->eyecatcher), (void *)"FSAITINO", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:1502:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&(agg_recptr->blkmp_ctlptr->hdr.start_time[0]),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2753:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->eyecatcher), (void *) "fsckagrc", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:2754:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->this_inode.eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2756:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->agg_imap_eyecatcher), (void *) "agg imap",
data/jfsutils-1.1.15/fsck/fsckwsp.c:2758:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->fset_imap_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2760:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->AIT_eyecatcher), (void *) "agg ITbl", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:2761:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->FSIT_eyecatcher), (void *) "fsetITbl", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:2762:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->flags_eyecatcher), (void *) "aggflags",
data/jfsutils-1.1.15/fsck/fsckwsp.c:2764:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->fais.eyecatcher), (void *) "faisinfo", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:2765:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->vlarge_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2767:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->fscklog_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2769:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->blkmp_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2771:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->ea_info_eyecatcher), (void *) "eabuffer",
data/jfsutils-1.1.15/fsck/fsckwsp.c:2773:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->iag_info_eyecatcher), (void *) "iag buf ",
data/jfsutils-1.1.15/fsck/fsckwsp.c:2775:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->mapctl_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2777:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->maplf_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2779:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->bmplv_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2781:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->bmpdm_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2783:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->inobuf_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2785:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->nodbuf_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2787:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->dnodbuf_info_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2789:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->agg_AGTbl_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2791:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->fset_AGTbl_eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:2793:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->amap_eyecatcher), (void *) "iagiamap", 8);
data/jfsutils-1.1.15/fsck/fsckwsp.c:2794:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->fextsumm_eyecatcher), (void *) "fextsumm",
data/jfsutils-1.1.15/fsck/fsckwsp.c:2796:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(agg_recptr->finosumm_eyecatcher), (void *) "finosumm",
data/jfsutils-1.1.15/fsck/fsckwsp.c:3007:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(new_inoexttbl->eyecatcher),
data/jfsutils-1.1.15/fsck/fsckwsp.c:3024:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&(new_inotbl->eyecatcher),
data/jfsutils-1.1.15/fsck/xchkdsk.c:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_stamp[20];
data/jfsutils-1.1.15/fsck/xchkdsk.c:94:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Str_Name[JFS_NAME_MAX];
data/jfsutils-1.1.15/fsck/xchkdsk.c:105:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_device[512] = { 0 };
data/jfsutils-1.1.15/fsck/xchkdsk.c:432:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(time_stamp, "%d/%d/%d %d:%02d:%02d",
data/jfsutils-1.1.15/fsck/xchkdsk.c:441:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&agg_recptr->blkmp_ctlptr->hdr.end_time[0],
data/jfsutils-1.1.15/fsck/xchkdsk.c:870:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(inoptr->di_ixpxd),
data/jfsutils-1.1.15/fsck/xchkdsk.c:1436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_parm[MAXPARMLEN];
data/jfsutils-1.1.15/fsck/xchkdsk.c:1448:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message_parm, "%d/%d/%d %d:%02d:%02d",
data/jfsutils-1.1.15/fsck/xchkdsk.c:1812:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_p = fopen(device_name, "r");
data/jfsutils-1.1.15/fsck/xfsck.h:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd0[2];
data/jfsutils-1.1.15/fsck/xfsck.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bmpctlinf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd1[4];
data/jfsutils-1.1.15/fsck/xfsck.h:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AGinf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dmapinf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd2[4];
data/jfsutils-1.1.15/fsck/xfsck.h:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L0inf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd3[4];
data/jfsutils-1.1.15/fsck/xfsck.h:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L1inf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd4[4];
data/jfsutils-1.1.15/fsck/xfsck.h:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char L2inf_eyecatcher[8];
data/jfsutils-1.1.15/fsck/xfsck.h:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rsvd5[5];
data/jfsutils-1.1.15/fscklog/display.c:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char file_name[128];
data/jfsutils-1.1.15/fscklog/display.c:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char xchklog_buffer[XCHKLOG_BUFSIZE];
data/jfsutils-1.1.15/fscklog/display.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *msgprms[10];
data/jfsutils-1.1.15/fscklog/display.c:305:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) file_name, (void *) default_logfile_new,
data/jfsutils-1.1.15/fscklog/display.c:308:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) file_name, (void *) default_logfile_old,
data/jfsutils-1.1.15/fscklog/display.c:313:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infp = fopen(file_name, "r");
data/jfsutils-1.1.15/fscklog/extract.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char file_name[128];
data/jfsutils-1.1.15/fscklog/extract.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fscklog_buffer[FSCKLOG_BUFSIZE];
data/jfsutils-1.1.15/fscklog/extract.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xchklog_buffer[XCHKLOG_BUFSIZE];
data/jfsutils-1.1.15/fscklog/extract.c:493:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Dev_IOPort = fopen(Device, "r");
data/jfsutils-1.1.15/fscklog/extract.c:523:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) file_name, (void *) default_logfile_new,
data/jfsutils-1.1.15/fscklog/extract.c:527:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) file_name, (void *) default_logfile_old,
data/jfsutils-1.1.15/fscklog/extract.c:532:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfp = fopen(file_name, "w");
data/jfsutils-1.1.15/fscklog/extract.c:544:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) (local_recptr->outfile_buf_ptr),
data/jfsutils-1.1.15/fscklog/extract.c:652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_entry[4096];
data/jfsutils-1.1.15/fscklog/extract.c:688:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) local_recptr->last_msghdr, (void *) hdptr,
data/jfsutils-1.1.15/fscklog/fscklog.c:82:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[128];
data/jfsutils-1.1.15/fscklog/fscklog.c:186:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_p = fopen(Vol_Label, "r");
data/jfsutils-1.1.15/fscklog/fscklog.c:245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_string[max_log_entry_length - 4];
data/jfsutils-1.1.15/fscklog/fscklog.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debug_detail[100];
data/jfsutils-1.1.15/include/jfs_logmgr.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[16]; /* 16: journal label */
data/jfsutils-1.1.15/include/jfs_superblock.h:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_magic[4]; /* 4: magic number */
data/jfsutils-1.1.15/include/jfs_superblock.h:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_fpack[11]; /* 11: file system volume name
data/jfsutils-1.1.15/include/jfs_superblock.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_label[16]; /* 16: volume label */
data/jfsutils-1.1.15/include/jfs_unicode.h:34:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern signed char UniUpperTable[512];
data/jfsutils-1.1.15/libfs/fsck_message.h:698:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_txt[max_msg_txt_length];
data/jfsutils-1.1.15/libfs/fsckcbbl.h:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckcbbl.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_1[4]; /* 4 */
data/jfsutils-1.1.15/libfs/fsckcbbl.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufptr_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckcbbl.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_2[28]; /* 28 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_0[896]; /* 896 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8]; /* 8 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:117:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start_time[20]; /* 20 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end_time[20]; /* 20 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:123:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_1[8]; /* 8 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_2[1]; /* 1 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_3[32]; /* 32 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail_5[1024]; /* 1024 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[14];
data/jfsutils-1.1.15/libfs/fsckwsp.h:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[2];
data/jfsutils-1.1.15/libfs/fsckwsp.h:329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8]; /* 8.0 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8]; /* 8.0 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8]; /* 8.0 */
data/jfsutils-1.1.15/libfs/fsckwsp.h:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avail[2];
data/jfsutils-1.1.15/libfs/fsckwsp.h:387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[12];
data/jfsutils-1.1.15/libfs/fsckwsp.h:395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd0[4];
data/jfsutils-1.1.15/libfs/fsckwsp.h:442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd2[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:445:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd4[2];
data/jfsutils-1.1.15/libfs/fsckwsp.h:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char agg_imap_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:469:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fset_imap_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd7[2]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd8[7]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:563:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvda[4]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:565:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AIT_eyecatcher[8]; /* */
data/jfsutils-1.1.15/libfs/fsckwsp.h:569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FSIT_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:578:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvde[4]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlarge_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:629:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdf[4]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:635:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fscklog_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdg[5]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blkmp_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ea_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdh[4]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iag_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdi[9]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mapctl_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdk[3]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maplf_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:747:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdm[1]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bmplv_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:761:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdo[10]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:776:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bmpdm_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdq[11]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:790:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inobuf_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:801:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvds[1]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:808:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodbuf_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:814:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdu[3]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:818:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dnodbuf_info_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:824:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvduu[3]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:828:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char agg_AGTbl_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdw[8]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:832:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fset_AGTbl_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:833:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvdy[8]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char amap_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:839:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd00[8]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:840:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fextsumm_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fsckwsp.h:842:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aggrec_rsvd02[8]; /* pad to quadword boundary */
data/jfsutils-1.1.15/libfs/fsckwsp.h:843:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char finosumm_eyecatcher[8];
data/jfsutils-1.1.15/libfs/fssubs.c:75:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEST_FILE, O_RDWR | O_CREAT, S_IRWXU);
data/jfsutils-1.1.15/libfs/inode.c:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PSIZE];
data/jfsutils-1.1.15/libfs/log_dump.c:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[PSIZE];
data/jfsutils-1.1.15/libfs/log_dump.c:534:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block[PSIZE];
data/jfsutils-1.1.15/libfs/log_dump.c:644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[LINESZ + 1];
data/jfsutils-1.1.15/libfs/log_dump.c:645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevbuf[LINESZ + 1];
data/jfsutils-1.1.15/libfs/log_dump.c:1004:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfp = fopen(output_filename, "w");
data/jfsutils-1.1.15/libfs/log_map.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[PSIZE];
data/jfsutils-1.1.15/libfs/log_map.c:142:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char maptab[256] = {
data/jfsutils-1.1.15/libfs/log_map.c:173:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char budtab[256] = {
data/jfsutils-1.1.15/libfs/log_map.c:618:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(dmap_bitrec->pmap), (void *) &(dmap_pg->pmap), maplen);
data/jfsutils-1.1.15/libfs/log_map.c:903:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iag_datarec->pmap), (void *) &(iag_pg->pmap), maplen);
data/jfsutils-1.1.15/libfs/log_map.c:904:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iag_datarec->inoext), (void *) &(iag_pg->inoext), inoext_arrlen);
data/jfsutils-1.1.15/libfs/log_map.c:1057:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagp->pmap), (void *) &(iag_datarec->pmap), maplen);
data/jfsutils-1.1.15/libfs/log_map.c:1058:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(iagp->inoext),
data/jfsutils-1.1.15/libfs/log_map.c:1397:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(dmap->pmap),
data/jfsutils-1.1.15/libfs/log_work.c:2712:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dip_local, data, size_dinode);
data/jfsutils-1.1.15/libfs/log_work.c:2796:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr, data, seglen);
data/jfsutils-1.1.15/libfs/log_work.c:2882:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t) buf_btroot, data, ln << l2linesize);
data/jfsutils-1.1.15/libfs/log_work.c:2896:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t) buf_ptr, data, delta_len << l2linesize);
data/jfsutils-1.1.15/libfs/log_work.c:2940:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t) buf, data, ln << l2linesize);
data/jfsutils-1.1.15/libfs/log_work.c:2954:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t) buf_ptr, data, delta_len << l2linesize);
data/jfsutils-1.1.15/libfs/log_work.c:2992:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t) buf_ptr, data, linesize);
data/jfsutils-1.1.15/libfs/log_work.c:3030:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t)
data/jfsutils-1.1.15/libfs/log_work.c:3066:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((caddr_t)
data/jfsutils-1.1.15/libfs/logform.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logpages[4 * LOGPSIZE];
data/jfsutils-1.1.15/libfs/logform.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *Working[5];
data/jfsutils-1.1.15/libfs/logredo.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[PSIZE];
data/jfsutils-1.1.15/libfs/logredo.c:1062:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block[PSIZE];
data/jfsutils-1.1.15/libfs/logredo.c:1226:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Log.fp = fopen(log_device, "r");
data/jfsutils-1.1.15/libfs/logredo.c:1455:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &temp_pxd, (void *) &(dip1->di_ixpxd), sizeof (pxd_t));
data/jfsutils-1.1.15/libfs/logredo.c:1456:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dip1, dip2, DISIZE);
data/jfsutils-1.1.15/libfs/logredo.c:1457:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(dip1->di_ixpxd), (void *) &temp_pxd, sizeof (pxd_t));
data/jfsutils-1.1.15/libfs/logredo.c:1629:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &temp_pxd, (void *) &(dip2->di_ixpxd), sizeof (pxd_t));
data/jfsutils-1.1.15/libfs/logredo.c:1630:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dip2, dip1, DISIZE);
data/jfsutils-1.1.15/libfs/logredo.c:1631:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) &(dip2->di_ixpxd), (void *) &temp_pxd, sizeof (pxd_t));
data/jfsutils-1.1.15/libfs/logredo.c:1820:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[LINESZ + 1];
data/jfsutils-1.1.15/libfs/logredo.c:1821:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prevbuf[LINESZ + 1];
data/jfsutils-1.1.15/libfs/message.c:27:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Current_String[MAX_STRING_ACCEPTED + 1];
data/jfsutils-1.1.15/libfs/open_by_label.c:54:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(device, "r");
data/jfsutils-1.1.15/libfs/open_by_label.c:60:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(device, "r");
data/jfsutils-1.1.15/libfs/open_by_label.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[100];
data/jfsutils-1.1.15/libfs/open_by_label.c:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[100];
data/jfsutils-1.1.15/libfs/open_by_label.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_dirname[100];
data/jfsutils-1.1.15/libfs/open_by_label.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char part_name[95];
data/jfsutils-1.1.15/libfs/open_by_label.c:185:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
part_fd = fopen("/proc/evms/volumes", "r");
data/jfsutils-1.1.15/libfs/open_by_label.c:213:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(device, "/dev/evms");
data/jfsutils-1.1.15/libfs/open_by_label.c:226:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
part_fd = fopen("/proc/mdstat", "r");
data/jfsutils-1.1.15/libfs/open_by_label.c:229:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4];
data/jfsutils-1.1.15/libfs/open_by_label.c:250:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
part_fd = fopen("/proc/partitions", "r");
data/jfsutils-1.1.15/libfs/super.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SIZE_OF_SUPER];
data/jfsutils-1.1.15/libfs/super.c:169:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, sb, sizeof (*sb));
data/jfsutils-1.1.15/libfs/super.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SIZE_OF_SUPER];
data/jfsutils-1.1.15/libfs/super.c:220:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sb, sblk, sizeof (*sb));
data/jfsutils-1.1.15/libfs/super.c:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof (struct logsuper)];
data/jfsutils-1.1.15/libfs/super.c:288:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, logsup, sizeof (struct logsuper));
data/jfsutils-1.1.15/libfs/super.c:324:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof (struct logsuper)];
data/jfsutils-1.1.15/libfs/super.c:331:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(logsup, logsup_buf, sizeof (struct logsuper));
data/jfsutils-1.1.15/libfs/uniupr.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char UniUpperTable[512] = {
data/jfsutils-1.1.15/libfs/uniupr.c:63:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static signed char UniCaseRangeU03a0[47] = {
data/jfsutils-1.1.15/libfs/uniupr.c:70:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static signed char UniCaseRangeU0430[48] = {
data/jfsutils-1.1.15/libfs/uniupr.c:77:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static signed char UniCaseRangeU0490[61] = {
data/jfsutils-1.1.15/libfs/uniupr.c:85:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static signed char UniCaseRangeU1e00[509] = {
data/jfsutils-1.1.15/libfs/uniupr.c:121:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static signed char UniCaseRangeUff40[27] = {
data/jfsutils-1.1.15/libfs/utilsubs.c:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[81];
data/jfsutils-1.1.15/libfs/utilsubs.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[81];
data/jfsutils-1.1.15/libfs/utilsubs.h:40:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDWR | O_EXCL, 0);
data/jfsutils-1.1.15/logdump/helpers.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_string[max_log_entry_length - 4];
data/jfsutils-1.1.15/logdump/helpers.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debug_detail[100];
data/jfsutils-1.1.15/logdump/logdump.c:46:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_device[1]; /* This avoids linker error */
data/jfsutils-1.1.15/logdump/logdump.c:103:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Dev_IOPort = fopen(Vol_Label, "r");
data/jfsutils-1.1.15/mkfs/initmap.c:843:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&newpage->xad[XTENTRYSTART], &rootpage->xad[XTENTRYSTART],
data/jfsutils-1.1.15/mkfs/initmap.c:1081:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *msg_parms[MAXPARMS];
data/jfsutils-1.1.15/mkfs/initmap.c:1082:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msgstr[MAXSTR];
data/jfsutils-1.1.15/mkfs/initmap.c:1151:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msgstr, "%d", percent);
data/jfsutils-1.1.15/mkfs/inodemap.c:112:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(in_agctl[index]), &(empty_entry),
data/jfsutils-1.1.15/mkfs/inodes.c:114:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, aggr_inodes, num_aggr_inodes * sizeof (struct dinode));
data/jfsutils-1.1.15/mkfs/inodes.c:219:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bp, &inode_buffer, sizeof (inode_buffer));
data/jfsutils-1.1.15/mkfs/inodes.c:235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bp, &inode_buffer, sizeof (inode_buffer));
data/jfsutils-1.1.15/mkfs/inodes.c:278:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bp, &inode_buffer, sizeof (inode_buffer));
data/jfsutils-1.1.15/mkfs/inodes.c:290:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bp, &inode_buffer, sizeof (inode_buffer));
data/jfsutils-1.1.15/mkfs/mkfs.c:59:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *msg_parms[MAXPARMS];
data/jfsutils-1.1.15/mkfs/mkfs.c:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgstr[MAXSTR];
data/jfsutils-1.1.15/mkfs/mkfs.c:472:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aggr_superblock.s_magic, JFS_MAGIC, strlen(JFS_MAGIC));
data/jfsutils-1.1.15/mkfs/mkfs.c:666:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volume_label[16] = { "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" };
data/jfsutils-1.1.15/mkfs/mkfs.c:670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logdev[255] = { '\0' }; /* Need to use a macro for this size */
data/jfsutils-1.1.15/mkfs/mkfs.c:831:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msgstr, "%d", aggr_block_size);
data/jfsutils-1.1.15/mkfs/mkfs.c:843:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msgstr, "%d", aggr_block_size);
data/jfsutils-1.1.15/mkfs/mkfs.c:1072:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msgstr, "%lld", (long long) (number_of_bytes / 1024));
data/jfsutils-1.1.15/tune/super.c:43:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_LINUX ");
data/jfsutils-1.1.15/tune/super.c:47:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_OS2 ");
data/jfsutils-1.1.15/tune/super.c:51:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_COMMIT ");
data/jfsutils-1.1.15/tune/super.c:55:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_GROUPCOMMIT ");
data/jfsutils-1.1.15/tune/super.c:59:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_LAZYCOMMIT ");
data/jfsutils-1.1.15/tune/super.c:63:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_INLINELOG ");
data/jfsutils-1.1.15/tune/super.c:67:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_BAD_SAIT ");
data/jfsutils-1.1.15/tune/super.c:71:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_SPARSE ");
data/jfsutils-1.1.15/tune/super.c:75:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_DASD_ENABLED ");
data/jfsutils-1.1.15/tune/super.c:79:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string_ptr, "JFS_DASD_PRIME ");
data/jfsutils-1.1.15/tune/super.c:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_unparsed[37];
data/jfsutils-1.1.15/tune/super.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_string[142];
data/jfsutils-1.1.15/tune/super.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_unparsed[37];
data/jfsutils-1.1.15/tune/super.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_string[142];
data/jfsutils-1.1.15/tune/tune.c:41:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logdev[255] = { '\0' };
data/jfsutils-1.1.15/tune/tune.c:97:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_fd = fopen(logdev, "r");
data/jfsutils-1.1.15/tune/tune.c:235:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(device, OpenMode);
data/jfsutils-1.1.15/xpeek/alter.c:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/directory.c:52:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char UTF8_Buffer[8 * JFS_PATH_MAX];
data/jfsutils-1.1.15/xpeek/directory.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/directory.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/directory.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_names[64];
data/jfsutils-1.1.15/xpeek/directory.c:269:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_ROOT ");
data/jfsutils-1.1.15/xpeek/directory.c:271:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEAF ");
data/jfsutils-1.1.15/xpeek/directory.c:273:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_INTERNAL ");
data/jfsutils-1.1.15/xpeek/directory.c:275:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_RIGHTMOST ");
data/jfsutils-1.1.15/xpeek/directory.c:277:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEFTMOST ");
data/jfsutils-1.1.15/xpeek/directory.c:397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/directory.c:546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_names[64];
data/jfsutils-1.1.15/xpeek/directory.c:550:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_ROOT ");
data/jfsutils-1.1.15/xpeek/directory.c:552:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEAF ");
data/jfsutils-1.1.15/xpeek/directory.c:554:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_INTERNAL ");
data/jfsutils-1.1.15/xpeek/directory.c:556:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_RIGHTMOST ");
data/jfsutils-1.1.15/xpeek/directory.c:558:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEFTMOST ");
data/jfsutils-1.1.15/xpeek/directory.c:571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[512];
data/jfsutils-1.1.15/xpeek/directory.c:766:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/directory.c:880:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flag_names[64];
data/jfsutils-1.1.15/xpeek/directory.c:898:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_ROOT ");
data/jfsutils-1.1.15/xpeek/directory.c:901:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEAF ");
data/jfsutils-1.1.15/xpeek/directory.c:903:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_INTERNAL ");
data/jfsutils-1.1.15/xpeek/directory.c:905:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_RIGHTMOST ");
data/jfsutils-1.1.15/xpeek/directory.c:907:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(flag_names, "BT_LEFTMOST ");
data/jfsutils-1.1.15/xpeek/display.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/dmap.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/dmap.c:292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/dmap.c:486:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/dmap.c:663:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/dmap.c:879:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PSIZE];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[9];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[9];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[9];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:378:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_unparsed[37];
data/jfsutils-1.1.15/xpeek/iag.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/iag.c:155:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/iag.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PSIZE];
data/jfsutils-1.1.15/xpeek/iag.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[80];
data/jfsutils-1.1.15/xpeek/inode.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_line[80];
data/jfsutils-1.1.15/xpeek/inode.c:186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/inode.c:311:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mode_str[5];
data/jfsutils-1.1.15/xpeek/inode.c:313:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mode_str, "----");
data/jfsutils-1.1.15/xpeek/io.c:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, block_buffer + offset, count);
data/jfsutils-1.1.15/xpeek/io.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block_buffer + offset, buffer, count);
data/jfsutils-1.1.15/xpeek/super.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/super.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_unparsed[37];
data/jfsutils-1.1.15/xpeek/super2.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[512];
data/jfsutils-1.1.15/xpeek/super2.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_unparsed[37];
data/jfsutils-1.1.15/xpeek/xpeek.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[512];
data/jfsutils-1.1.15/xpeek/xpeek.c:76:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(device, "r+");
data/jfsutils-1.1.15/fsck/fsck_message.c:43:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg, msg_txt, max_log_entry_length - entry_length);
data/jfsutils-1.1.15/fsck/fsck_message.c:44:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry_length += strlen(msg_txt);
data/jfsutils-1.1.15/fsck/fsck_message.c:113:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(msg_string, debug_detail,
data/jfsutils-1.1.15/fsck/fsck_message.c:114:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_log_entry_length - 4 - strlen(msg_string));
data/jfsutils-1.1.15/fsck/fsckwsp.c:1484:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(agg_recptr->blkmp_ctlptr->hdr.eyecatcher,
data/jfsutils-1.1.15/fsck/fsckwsp.c:1485:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fbmh_eyecatcher_string, strlen(fbmh_eyecatcher_string));
data/jfsutils-1.1.15/fsck/xchkdsk.c:1732:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(log_device, optarg, sizeof (log_device) - 1);
data/jfsutils-1.1.15/fsck/xchkdsk.c:3059:12: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getchar()) == EOF)
data/jfsutils-1.1.15/fscklog/extract.c:660:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry_length += strlen(msg_txt);
data/jfsutils-1.1.15/fscklog/fscklog.c:198:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg_len = strlen(optarg);
data/jfsutils-1.1.15/fscklog/fscklog.c:205:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(file_name, optarg, arg_len);
data/jfsutils-1.1.15/libfs/devices.c:261:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Read_Result = fgetc(device);
data/jfsutils-1.1.15/libfs/devices.c:294:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Read_Result = fgetc(device);
data/jfsutils-1.1.15/libfs/devices.c:324:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Read_Result = fgetc(device);
data/jfsutils-1.1.15/libfs/logform.c:153:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) &log_sup->label, label, sizeof (log_sup->label));
data/jfsutils-1.1.15/libfs/logredo.c:922:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(sb.s_magic, JFS_MAGIC, (unsigned) strlen(JFS_MAGIC))) {
data/jfsutils-1.1.15/libfs/open_by_label.c:121:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/jfsutils-1.1.15/libfs/open_by_label.c:122:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = strlen(path);
data/jfsutils-1.1.15/mkfs/initmap.c:1118:14: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
(buffer = memalign(aggr_block_size, bufsize)) == NULL)
data/jfsutils-1.1.15/mkfs/mkfs.c:472:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(aggr_superblock.s_magic, JFS_MAGIC, strlen(JFS_MAGIC));
data/jfsutils-1.1.15/mkfs/mkfs.c:522:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aggr_superblock.s_fpack, volume_label, LV_NAME_SIZE);
data/jfsutils-1.1.15/mkfs/mkfs.c:530:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aggr_superblock.s_label, volume_label, 16);
data/jfsutils-1.1.15/mkfs/mkfs.c:730:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(volume_label, optarg, 16);
data/jfsutils-1.1.15/mkfs/mkfs.c:927:8: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/jfsutils-1.1.15/tune/super.c:82:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(string_ptr, "\0");
data/jfsutils-1.1.15/tune/tune.c:324:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb.s_fpack, new_label, sizeof (sb.s_fpack));
data/jfsutils-1.1.15/tune/tune.c:325:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new_label) > sizeof (sb.s_label))
data/jfsutils-1.1.15/tune/tune.c:328:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb.s_label, new_label, sizeof (sb.s_label));
data/jfsutils-1.1.15/tune/tune.c:332:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new_label) > sizeof (logsup.label))
data/jfsutils-1.1.15/tune/tune.c:335:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(logsup.label, new_label, sizeof (logsup.label));
data/jfsutils-1.1.15/tune/tune.c:372:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb.s_label, sb.s_fpack, 11);
data/jfsutils-1.1.15/xpeek/alter.c:76:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hex_length = strlen(hexstring);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:137:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s1, cbblrec->eyecatcher, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:139:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s2, cbblrec->bufptr_eyecatcher, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:177:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cbblrec->eyecatcher, token, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:213:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cbblrec->bufptr_eyecatcher, token, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:271:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s1, wp->hdr.eyecatcher, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:303:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wp->hdr.eyecatcher, token, 8);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:312:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wp->hdr.start_time, token, 16);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:315:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wp->hdr.end_time, token, 16);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:467:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuid_unparsed, token, 36);
data/jfsutils-1.1.15/xpeek/fsckcbbl.c:477:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lsp->label, token, 16);
data/jfsutils-1.1.15/xpeek/help.c:57:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd_len = strlen(cmd);
data/jfsutils-1.1.15/xpeek/super.c:244:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_magic, token, 4);
data/jfsutils-1.1.15/xpeek/super.c:323:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_fpack, token, 11);
data/jfsutils-1.1.15/xpeek/super.c:326:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuid_unparsed, token, 36);
data/jfsutils-1.1.15/xpeek/super.c:336:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_label, token, 16);
data/jfsutils-1.1.15/xpeek/super.c:339:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuid_unparsed, token, 36);
data/jfsutils-1.1.15/xpeek/super2.c:235:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_magic, token, 4);
data/jfsutils-1.1.15/xpeek/super2.c:319:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_fpack, token, 8);
data/jfsutils-1.1.15/xpeek/super2.c:322:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuid_unparsed, token, 36);
data/jfsutils-1.1.15/xpeek/super2.c:332:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sb->s_label, token, 16);
data/jfsutils-1.1.15/xpeek/super2.c:335:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(uuid_unparsed, token, 36);
data/jfsutils-1.1.15/xpeek/xpeek.c:110:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd_len = strlen(command);
ANALYSIS SUMMARY:
Hits = 451
Lines analyzed = 61037 in approximately 1.60 seconds (38202 lines/second)
Physical Source Lines of Code (SLOC) = 35080
Hits@level = [0] 846 [1] 54 [2] 362 [3] 4 [4] 31 [5] 0
Hits@level+ = [0+] 1297 [1+] 451 [2+] 397 [3+] 35 [4+] 31 [5+] 0
Hits/KSLOC@level+ = [0+] 36.9726 [1+] 12.8563 [2+] 11.317 [3+] 0.997719 [4+] 0.883694 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.