Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/lam-7.1.4/romio/acconfig.h Examining data/lam-7.1.4/romio/mpi2-other/array/fortran/darrayf.c Examining data/lam-7.1.4/romio/mpi2-other/array/fortran/subarrayf.c Examining data/lam-7.1.4/romio/mpi2-other/array/darray.c Examining data/lam-7.1.4/romio/mpi2-other/array/subarray.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_get.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getnksf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getvlnf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_dupf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_createf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_setf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_freef.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_deletef.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getnthf.c Examining data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getf.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_c2f.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_getnth.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_set.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_getvln.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_dup.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_free.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_create.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_getnks.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_delete.c Examining data/lam-7.1.4/romio/mpi2-other/info/info_f2c.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs.h Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_iread.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_close.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_write.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_read.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_done.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_seek.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_flush.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_wait.c Examining data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_resize.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_read.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_open.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_write.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_close.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs.h Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_done.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs.c Examining data/lam-7.1.4/romio/adio/include/adio_cb_config_list.h Examining data/lam-7.1.4/romio/adio/include/adio.h Examining data/lam-7.1.4/romio/adio/include/mpipr.h Examining data/lam-7.1.4/romio/adio/include/mpisgi2.h Examining data/lam-7.1.4/romio/adio/include/mpio_error.h Examining data/lam-7.1.4/romio/adio/include/adioi_fs_proto.h Examining data/lam-7.1.4/romio/adio/include/adioi.h Examining data/lam-7.1.4/romio/adio/include/adioi_error.h Examining data/lam-7.1.4/romio/adio/include/adio_extern.h Examining data/lam-7.1.4/romio/adio/include/adioi_errmsg.h Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_write.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_open.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_close.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_done.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs.h Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_read.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs.c Examining data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/sgi/mpi3.1/mpif.h Examining data/lam-7.1.4/romio/adio/sgi/mpi3.1/mpi.h Examining data/lam-7.1.4/romio/adio/common/flatten.c Examining data/lam-7.1.4/romio/adio/common/ad_delete.c Examining data/lam-7.1.4/romio/adio/common/gencheck.c Examining data/lam-7.1.4/romio/adio/common/ad_hints.c Examining data/lam-7.1.4/romio/adio/common/shfp_fname.c Examining data/lam-7.1.4/romio/adio/common/ad_read_str.c Examining data/lam-7.1.4/romio/adio/common/setfn.c Examining data/lam-7.1.4/romio/adio/common/ad_write_coll.c Examining data/lam-7.1.4/romio/adio/common/cb_config_list.c Examining data/lam-7.1.4/romio/adio/common/ad_set_sh_fp.c Examining data/lam-7.1.4/romio/adio/common/iscontig.c Examining data/lam-7.1.4/romio/adio/common/ad_aggregate.c Examining data/lam-7.1.4/romio/adio/common/lock.c Examining data/lam-7.1.4/romio/adio/common/ad_set_view.c Examining data/lam-7.1.4/romio/adio/common/async_list.c Examining data/lam-7.1.4/romio/adio/common/status_setb.c Examining data/lam-7.1.4/romio/adio/common/ad_end.c Examining data/lam-7.1.4/romio/adio/common/ad_write_str.c Examining data/lam-7.1.4/romio/adio/common/byte_offset.c Examining data/lam-7.1.4/romio/adio/common/req_malloc.c Examining data/lam-7.1.4/romio/adio/common/ad_flush.c Examining data/lam-7.1.4/romio/adio/common/error.c Examining data/lam-7.1.4/romio/adio/common/ad_seek.c Examining data/lam-7.1.4/romio/adio/common/ad_read_coll.c Examining data/lam-7.1.4/romio/adio/common/get_fp_posn.c Examining data/lam-7.1.4/romio/adio/common/eof_offset.c Examining data/lam-7.1.4/romio/adio/common/ad_get_sh_fp.c Examining data/lam-7.1.4/romio/adio/common/ad_open.c Examining data/lam-7.1.4/romio/adio/common/ad_fstype.c Examining data/lam-7.1.4/romio/adio/common/ad_close.c Examining data/lam-7.1.4/romio/adio/common/ad_init.c Examining data/lam-7.1.4/romio/adio/common/ad_read_str_naive.c Examining data/lam-7.1.4/romio/adio/common/malloc.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_read.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_write.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_close.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs.h Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_done.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_setsh.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_getsh.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs.h Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_delete.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_write.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_open.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_read.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_done.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_close.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_testfs/ad_testfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs.h Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_read.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_seek.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_done.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_hints.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_close.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_open.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_write.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_resize.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_iread.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_flush.c Examining data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_wait.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_close.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_read.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_open.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_done.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_write.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs.h Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_getsh.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs.h Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_setsh.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_close.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_open.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_done.c Examining data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_delete.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_read.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs.h Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_done.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_close.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_iwrite.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_write.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_iread.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_seek.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_rdcoll.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs.h Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_done.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_open.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_read.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_close.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_fcntl.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_hints.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_wrcoll.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_write.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_resize.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_flush.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_wait.c Examining data/lam-7.1.4/romio/adio/ad_ntfs/ad_ntfs_iwrite.c Examining data/lam-7.1.4/romio/mpi-io/read_sh.c Examining data/lam-7.1.4/romio/mpi-io/read_all.c Examining data/lam-7.1.4/romio/mpi-io/iotest.c Examining data/lam-7.1.4/romio/mpi-io/iread_at.c Examining data/lam-7.1.4/romio/mpi-io/get_errh.c Examining data/lam-7.1.4/romio/mpi-io/write_sh.c Examining data/lam-7.1.4/romio/mpi-io/get_posn_sh.c Examining data/lam-7.1.4/romio/mpi-io/seek.c Examining data/lam-7.1.4/romio/mpi-io/get_size.c Examining data/lam-7.1.4/romio/mpi-io/set_info.c Examining data/lam-7.1.4/romio/mpi-io/open.c Examining data/lam-7.1.4/romio/mpi-io/iwrite_sh.c Examining data/lam-7.1.4/romio/mpi-io/iwrite.c Examining data/lam-7.1.4/romio/mpi-io/get_info.c Examining data/lam-7.1.4/romio/mpi-io/get_extent.c Examining data/lam-7.1.4/romio/mpi-io/fortran/wr_atallbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/set_infof.c Examining data/lam-7.1.4/romio/mpi-io/fortran/seek_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/ireadf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_ordbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_allf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iowaitf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_ordf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_allef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_atomf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_groupf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_posnf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/rd_atallbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/writef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_ordef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_viewf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/set_atomf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iotestf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_atf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_atallf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iwrite_atf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_ordf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/openf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_allf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/set_viewf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/readf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/set_sizef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/rd_atallef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_ordef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_allbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/seekf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/set_errhf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_ordbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_extentf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_sizef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/preallocf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/fsyncf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_posn_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_allbf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_atallf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/read_atf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iread_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/wr_atallef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/closef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_infof.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_errhf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/write_allef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iwritef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/deletef.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iread_atf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_bytofff.c Examining data/lam-7.1.4/romio/mpi-io/fortran/iwrite_shf.c Examining data/lam-7.1.4/romio/mpi-io/fortran/get_amodef.c Examining data/lam-7.1.4/romio/mpi-io/file_c2f.c Examining data/lam-7.1.4/romio/mpi-io/prealloc.c Examining data/lam-7.1.4/romio/mpi-io/write_all.c Examining data/lam-7.1.4/romio/mpi-io/write_alle.c Examining data/lam-7.1.4/romio/mpi-io/file_f2c.c Examining data/lam-7.1.4/romio/mpi-io/close.c Examining data/lam-7.1.4/romio/mpi-io/delete.c Examining data/lam-7.1.4/romio/mpi-io/read.c Examining data/lam-7.1.4/romio/mpi-io/write.c Examining data/lam-7.1.4/romio/mpi-io/iowait.c Examining data/lam-7.1.4/romio/mpi-io/wr_atallb.c Examining data/lam-7.1.4/romio/mpi-io/fsync.c Examining data/lam-7.1.4/romio/mpi-io/get_amode.c Examining data/lam-7.1.4/romio/mpi-io/read_atall.c Examining data/lam-7.1.4/romio/mpi-io/write_ordb.c Examining data/lam-7.1.4/romio/mpi-io/read_allb.c Examining data/lam-7.1.4/romio/mpi-io/mpioprof.h Examining data/lam-7.1.4/romio/mpi-io/get_bytoff.c Examining data/lam-7.1.4/romio/mpi-io/read_at.c Examining data/lam-7.1.4/romio/mpi-io/iread.c Examining data/lam-7.1.4/romio/mpi-io/set_atom.c Examining data/lam-7.1.4/romio/mpi-io/iwrite_at.c Examining data/lam-7.1.4/romio/mpi-io/wr_atalle.c Examining data/lam-7.1.4/romio/mpi-io/read_alle.c Examining data/lam-7.1.4/romio/mpi-io/read_ord.c Examining data/lam-7.1.4/romio/mpi-io/ioreq_f2c.c Examining data/lam-7.1.4/romio/mpi-io/rd_atallb.c Examining data/lam-7.1.4/romio/mpi-io/get_posn.c Examining data/lam-7.1.4/romio/mpi-io/rd_atalle.c Examining data/lam-7.1.4/romio/mpi-io/mpioimpl.h Examining data/lam-7.1.4/romio/mpi-io/write_orde.c Examining data/lam-7.1.4/romio/mpi-io/write_atall.c Examining data/lam-7.1.4/romio/mpi-io/ioreq_c2f.c Examining data/lam-7.1.4/romio/mpi-io/iread_sh.c Examining data/lam-7.1.4/romio/mpi-io/read_orde.c Examining data/lam-7.1.4/romio/mpi-io/set_size.c Examining data/lam-7.1.4/romio/mpi-io/read_ordb.c Examining data/lam-7.1.4/romio/mpi-io/write_allb.c Examining data/lam-7.1.4/romio/mpi-io/set_view.c Examining data/lam-7.1.4/romio/mpi-io/get_view.c Examining data/lam-7.1.4/romio/mpi-io/set_errh.c Examining data/lam-7.1.4/romio/mpi-io/get_group.c Examining data/lam-7.1.4/romio/mpi-io/write_at.c Examining data/lam-7.1.4/romio/mpi-io/seek_sh.c Examining data/lam-7.1.4/romio/mpi-io/get_atom.c Examining data/lam-7.1.4/romio/mpi-io/write_ord.c Examining data/lam-7.1.4/romio/test/shared_fp.c Examining data/lam-7.1.4/romio/test/i_noncontig.c Examining data/lam-7.1.4/romio/test/perf.c Examining data/lam-7.1.4/romio/test/async.c Examining data/lam-7.1.4/romio/test/coll_test.c Examining data/lam-7.1.4/romio/test/large_array.c Examining data/lam-7.1.4/romio/test/excl.c Examining data/lam-7.1.4/romio/test/status.c Examining data/lam-7.1.4/romio/test/simple.c Examining data/lam-7.1.4/romio/test/noncontig_coll.c Examining data/lam-7.1.4/romio/test/split_coll.c Examining data/lam-7.1.4/romio/test/coll_perf.c Examining data/lam-7.1.4/romio/test/atomicity.c Examining data/lam-7.1.4/romio/test/error.c Examining data/lam-7.1.4/romio/test/psimple.c Examining data/lam-7.1.4/romio/test/noncontig.c Examining data/lam-7.1.4/romio/test/file_info.c Examining data/lam-7.1.4/romio/test/noncontig_coll2.c Examining data/lam-7.1.4/tools/lamboot/lamboot.c Examining data/lam-7.1.4/tools/hboot/hboot.c Examining data/lam-7.1.4/tools/laminfo/laminfo.cc Examining data/lam-7.1.4/tools/recon/recon.c Examining data/lam-7.1.4/tools/wipe/wipe.c Examining data/lam-7.1.4/tools/wrappers/wrap_engine_cxx.cc Examining data/lam-7.1.4/tools/wrappers/wrap_engine.cc Examining data/lam-7.1.4/tools/wrappers/mpicc.cc Examining data/lam-7.1.4/tools/wrappers/wrap.cc Examining data/lam-7.1.4/tools/wrappers/wrap_cxx.cc Examining data/lam-7.1.4/tools/wrappers/wrap_engine_cc.cc Examining data/lam-7.1.4/tools/wrappers/mpif77.cc Examining data/lam-7.1.4/tools/wrappers/mpicxx.cc Examining data/lam-7.1.4/tools/wrappers/wrap_engine_f77.cc Examining data/lam-7.1.4/tools/wrappers/wrap_cc.cc Examining data/lam-7.1.4/tools/wrappers/wrap_f77.cc Examining data/lam-7.1.4/tools/tkill/tkill.c Examining data/lam-7.1.4/otb/lamclean/lamclean.c Examining data/lam-7.1.4/otb/lamhalt/lamhalt.c Examining data/lam-7.1.4/otb/bfstate/bfstate.c Examining data/lam-7.1.4/otb/lamshrink/lamshrink.c Examining data/lam-7.1.4/otb/ipcdr/ipcdr.c Examining data/lam-7.1.4/otb/state/state.c Examining data/lam-7.1.4/otb/sys/lamd/nsend.c Examining data/lam-7.1.4/otb/sys/lamd/do_wait.int.c Examining data/lam-7.1.4/otb/sys/lamd/iod.int.c Examining data/lam-7.1.4/otb/sys/lamd/nrecv.c Examining data/lam-7.1.4/otb/sys/lamd/kexit.c Examining data/lam-7.1.4/otb/sys/lamd/couter.c Examining data/lam-7.1.4/otb/sys/lamd/rreq.c Examining data/lam-7.1.4/otb/sys/lamd/kiproc.c Examining data/lam-7.1.4/otb/sys/lamd/kenyad.int.c Examining data/lam-7.1.4/otb/sys/lamd/trillium.c Examining data/lam-7.1.4/otb/sys/lamd/lamd_main.c Examining data/lam-7.1.4/otb/sys/lamd/stub.c Examining data/lam-7.1.4/otb/sys/lamd/di_wait.int.c Examining data/lam-7.1.4/otb/sys/kenyad/p_main.c Examining data/lam-7.1.4/otb/sys/kenyad/pqdetach.c Examining data/lam-7.1.4/otb/sys/kenyad/pqstate.c Examining data/lam-7.1.4/otb/sys/kenyad/kenyad.ext.c Examining data/lam-7.1.4/otb/sys/kenyad/pqdoom.c Examining data/lam-7.1.4/otb/sys/kenyad/kenyad.c Examining data/lam-7.1.4/otb/sys/kenyad/pqcreate.c Examining data/lam-7.1.4/otb/sys/versiond/versiond.c Examining data/lam-7.1.4/otb/sys/versiond/v_main.c Examining data/lam-7.1.4/otb/sys/iod/iod.c Examining data/lam-7.1.4/otb/sys/iod/io_main.c Examining data/lam-7.1.4/otb/sys/iod/iod.ext.c Examining data/lam-7.1.4/otb/sys/haltd/haltd.c Examining data/lam-7.1.4/otb/sys/haltd/h_main.c Examining data/lam-7.1.4/otb/sys/traced/trbuf.c Examining data/lam-7.1.4/otb/sys/traced/tr_main.c Examining data/lam-7.1.4/otb/sys/traced/traced.c Examining data/lam-7.1.4/otb/sys/kernel/kinner.c Examining data/lam-7.1.4/otb/sys/kernel/kkill.c Examining data/lam-7.1.4/otb/sys/kernel/k_main.c Examining data/lam-7.1.4/otb/sys/kernel/kernelio.c Examining data/lam-7.1.4/otb/sys/kernel/kouter.c Examining data/lam-7.1.4/otb/sys/kernel/kiproc.c Examining data/lam-7.1.4/otb/sys/dlo_inet/dlo_inet.c Examining data/lam-7.1.4/otb/sys/dlo_inet/do_wait.ext.c Examining data/lam-7.1.4/otb/sys/dlo_inet/do_intr.c Examining data/lam-7.1.4/otb/sys/dlo_inet/do_main.c Examining data/lam-7.1.4/otb/sys/dlo_inet/do_load.c Examining data/lam-7.1.4/otb/sys/flatd/fl_main.c Examining data/lam-7.1.4/otb/sys/flatd/flatd.c Examining data/lam-7.1.4/otb/sys/bufferd/bufferd.c Examining data/lam-7.1.4/otb/sys/bufferd/bf_main.c Examining data/lam-7.1.4/otb/sys/loadd/l_main.c Examining data/lam-7.1.4/otb/sys/loadd/loadd.c Examining data/lam-7.1.4/otb/sys/bforward/bforward.c Examining data/lam-7.1.4/otb/sys/bforward/bw_main.c Examining data/lam-7.1.4/otb/sys/filed/fface.c Examining data/lam-7.1.4/otb/sys/filed/filed.h Examining data/lam-7.1.4/otb/sys/filed/fdesc.c Examining data/lam-7.1.4/otb/sys/filed/fqsimplex.c Examining data/lam-7.1.4/otb/sys/filed/fqopenfd.c Examining data/lam-7.1.4/otb/sys/filed/fqread.c Examining data/lam-7.1.4/otb/sys/filed/filed.c Examining data/lam-7.1.4/otb/sys/filed/fqwrite.c Examining data/lam-7.1.4/otb/sys/filed/f_main.c Examining data/lam-7.1.4/otb/sys/filed/fqstate.c Examining data/lam-7.1.4/otb/sys/filed/fqopen.c Examining data/lam-7.1.4/otb/sys/filed/fqclose.c Examining data/lam-7.1.4/otb/sys/filed/fqf77.c Examining data/lam-7.1.4/otb/sys/filed/fqpathfind.c Examining data/lam-7.1.4/otb/sys/filed/fqlseek.c Examining data/lam-7.1.4/otb/sys/router/r_main.c Examining data/lam-7.1.4/otb/sys/router/router.c Examining data/lam-7.1.4/otb/sys/router/rtdinit_lam.c Examining data/lam-7.1.4/otb/sys/impid/local_ack.cc Examining data/lam-7.1.4/otb/sys/impid/lamnodes.c Examining data/lam-7.1.4/otb/sys/impid/local_req.cc Examining data/lam-7.1.4/otb/sys/impid/comm.cc Examining data/lam-7.1.4/otb/sys/impid/host.cc Examining data/lam-7.1.4/otb/sys/impid/host_long.cc Examining data/lam-7.1.4/otb/sys/impid/local_queue.cc Examining data/lam-7.1.4/otb/sys/impid/endian.c Examining data/lam-7.1.4/otb/sys/impid/local.cc Examining data/lam-7.1.4/otb/sys/impid/client.c Examining data/lam-7.1.4/otb/sys/impid/packet_mgmt.cc Examining data/lam-7.1.4/otb/sys/impid/host_queue.cc Examining data/lam-7.1.4/otb/sys/impid/dance.c Examining data/lam-7.1.4/otb/sys/impid/procs.cc Examining data/lam-7.1.4/otb/sys/impid/flow_control.cc Examining data/lam-7.1.4/otb/sys/impid/local_long.cc Examining data/lam-7.1.4/otb/sys/impid/sequence.c Examining data/lam-7.1.4/otb/sys/impid/impid.c Examining data/lam-7.1.4/otb/sys/impid/host_ack.cc Examining data/lam-7.1.4/otb/sys/impid/router.cc Examining data/lam-7.1.4/otb/sys/echod/echod.c Examining data/lam-7.1.4/otb/sys/echod/e_main.c Examining data/lam-7.1.4/otb/sys/dli_inet/di_wait.ext.c Examining data/lam-7.1.4/otb/sys/dli_inet/di_bootagent.c Examining data/lam-7.1.4/otb/sys/dli_inet/di_main.c Examining data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c Examining data/lam-7.1.4/otb/sys/dli_inet/dli_inet.c Examining data/lam-7.1.4/otb/bfctl/bfctl.c Examining data/lam-7.1.4/otb/doom/doom.c Examining data/lam-7.1.4/otb/mpirun/totalview.c Examining data/lam-7.1.4/otb/mpirun/mpirun.c Examining data/lam-7.1.4/otb/fstate/fstate.c Examining data/lam-7.1.4/otb/fctl/fctl.c Examining data/lam-7.1.4/otb/tping/tping.c Examining data/lam-7.1.4/otb/filedr/filedr.c Examining data/lam-7.1.4/otb/mpimsg/mpimsg.c Examining data/lam-7.1.4/otb/mpimsg/mpitr_data.c Examining data/lam-7.1.4/otb/mpitask/mpitask.c Examining data/lam-7.1.4/otb/lamexec/lamexec.c Examining data/lam-7.1.4/otb/lamnodes/lamnodes.c Examining data/lam-7.1.4/otb/lamtrace/lamtrace.c Examining data/lam-7.1.4/otb/lamrestart/lamrestart.c Examining data/lam-7.1.4/otb/lamgrow/lamgrow.c Examining data/lam-7.1.4/otb/lamcheckpoint/lamcheckpoint.c Examining data/lam-7.1.4/otb/kdump/kdump.c Examining data/lam-7.1.4/otb/loadgo/loadgo.c Examining data/lam-7.1.4/examples/romio/simple.c Examining data/lam-7.1.4/examples/hello/hello.c Examining data/lam-7.1.4/examples/hello/cxxhello.cc Examining data/lam-7.1.4/examples/fault/slave.c Examining data/lam-7.1.4/examples/fault/mandel.h Examining data/lam-7.1.4/examples/fault/master.c Examining data/lam-7.1.4/examples/alltoall/alltoall.c Examining data/lam-7.1.4/examples/topology/cxx_topology.cc Examining data/lam-7.1.4/examples/cxx/chapter_10_mpi2.cc Examining data/lam-7.1.4/examples/ring/cxxring.cc Examining data/lam-7.1.4/examples/ring/ring.c Examining data/lam-7.1.4/examples/mandelbrot/slave.c Examining data/lam-7.1.4/examples/mandelbrot/mandel.h Examining data/lam-7.1.4/examples/mandelbrot/master.c Examining data/lam-7.1.4/examples/trivial/ezstart.c Examining data/lam-7.1.4/examples/trivial/trivialc.c Examining data/lam-7.1.4/examples/pi/cxxpi.cc Examining data/lam-7.1.4/examples/pi/cpi.c Examining data/lam-7.1.4/share/tstdio/tfread.c Examining data/lam-7.1.4/share/tstdio/tfprint.c Examining data/lam-7.1.4/share/tstdio/tprint.c Examining data/lam-7.1.4/share/tstdio/tfputc.c Examining data/lam-7.1.4/share/tstdio/tfdopen.c Examining data/lam-7.1.4/share/tstdio/tfputs.c Examining data/lam-7.1.4/share/tstdio/getbuf.c Examining data/lam-7.1.4/share/tstdio/tscan.c Examining data/lam-7.1.4/share/tstdio/tfopen.c Examining data/lam-7.1.4/share/tstdio/tfgetc.c Examining data/lam-7.1.4/share/tstdio/tfscan.c Examining data/lam-7.1.4/share/tstdio/tfseek.c Examining data/lam-7.1.4/share/tstdio/tsetbuf.c Examining data/lam-7.1.4/share/tstdio/tfclose.c Examining data/lam-7.1.4/share/tstdio/tfgets.c Examining data/lam-7.1.4/share/tstdio/iomap.c Examining data/lam-7.1.4/share/tstdio/tfflush.c Examining data/lam-7.1.4/share/tstdio/tfwrite.c Examining data/lam-7.1.4/share/tstdio/_tiob.c Examining data/lam-7.1.4/share/nreq/bfiprobe.c Examining data/lam-7.1.4/share/nreq/nsend.c Examining data/lam-7.1.4/share/nreq/bfselect.c Examining data/lam-7.1.4/share/nreq/dsend.c Examining data/lam-7.1.4/share/nreq/drecv.c Examining data/lam-7.1.4/share/nreq/psend.c Examining data/lam-7.1.4/share/nreq/bfrecv.c Examining data/lam-7.1.4/share/nreq/nrecv.c Examining data/lam-7.1.4/share/nreq/precv.c Examining data/lam-7.1.4/share/nreq/dsfr.c Examining data/lam-7.1.4/share/nreq/trecv.c Examining data/lam-7.1.4/share/nreq/bfiselect.c Examining data/lam-7.1.4/share/nreq/tsend.c Examining data/lam-7.1.4/share/nreq/nprobe.c Examining data/lam-7.1.4/share/nreq/frecv.c Examining data/lam-7.1.4/share/rreq/rrsetsmart.c Examining data/lam-7.1.4/share/rreq/getsmart.c Examining data/lam-7.1.4/share/rreq/getnet.c Examining data/lam-7.1.4/share/rreq/getroute.c Examining data/lam-7.1.4/share/rreq/getnodes.c Examining data/lam-7.1.4/share/rreq/rrsetrents.c Examining data/lam-7.1.4/share/rreq/getrent.c Examining data/lam-7.1.4/share/include/kreq.h Examining data/lam-7.1.4/share/include/rpisys.h Examining data/lam-7.1.4/share/include/impid.h Examining data/lam-7.1.4/share/include/blktype.h Examining data/lam-7.1.4/share/include/lam_network.h Examining data/lam-7.1.4/share/include/FREQF.h Examining data/lam-7.1.4/share/include/lam-ssi.h Examining data/lam-7.1.4/share/include/lamdebug-cc.h Examining data/lam-7.1.4/share/include/events.h Examining data/lam-7.1.4/share/include/all_hash.h Examining data/lam-7.1.4/share/include/impid-cc.h Examining data/lam-7.1.4/share/include/args.h Examining data/lam-7.1.4/share/include/lam-ssi-boot.h Examining data/lam-7.1.4/share/include/pdi.h Examining data/lam-7.1.4/share/include/hostack_mgmt.h Examining data/lam-7.1.4/share/include/priority.h Examining data/lam-7.1.4/share/include/lam-ssi-cr.h Examining data/lam-7.1.4/share/include/app_mgmt.h Examining data/lam-7.1.4/share/include/flatreq.h Examining data/lam-7.1.4/share/include/longbuf_mgmt.h Examining data/lam-7.1.4/share/include/dl_inet.h Examining data/lam-7.1.4/share/include/t_types.h Examining data/lam-7.1.4/share/include/laminternal.h Examining data/lam-7.1.4/share/include/lam_config_bottom.h Examining data/lam-7.1.4/share/include/lreq.h Examining data/lam-7.1.4/share/include/rreq.h Examining data/lam-7.1.4/share/include/lam_ltdl.h Examining data/lam-7.1.4/share/include/NETF.h Examining data/lam-7.1.4/share/include/lam.h Examining data/lam-7.1.4/share/include/lammpithreads.h Examining data/lam-7.1.4/share/include/malloc_wrapper.h Examining data/lam-7.1.4/share/include/all_slist.h Examining data/lam-7.1.4/share/include/trreq.h Examining data/lam-7.1.4/share/include/all_list.h Examining data/lam-7.1.4/share/include/proc_schema.h Examining data/lam-7.1.4/share/include/mpisys.h Examining data/lam-7.1.4/share/include/freq.h Examining data/lam-7.1.4/share/include/packet_mgmt.h Examining data/lam-7.1.4/share/include/terror.h Examining data/lam-7.1.4/share/include/mpicxx.h Examining data/lam-7.1.4/share/include/net.h Examining data/lam-7.1.4/share/include/ereq.h Examining data/lam-7.1.4/share/include/mpi_apps.h Examining data/lam-7.1.4/share/include/preq.h Examining data/lam-7.1.4/share/include/ksignal.h Examining data/lam-7.1.4/share/include/vctable.h Examining data/lam-7.1.4/share/include/ndi.h Examining data/lam-7.1.4/share/include/typical.h Examining data/lam-7.1.4/share/include/impi.h Examining data/lam-7.1.4/share/include/boot.h Examining data/lam-7.1.4/share/include/lam-totalview.h Examining data/lam-7.1.4/share/include/lamthreads.h Examining data/lam-7.1.4/share/include/mpi.h Examining data/lam-7.1.4/share/include/req_mgmt.h Examining data/lam-7.1.4/share/include/all_array.h Examining data/lam-7.1.4/share/include/bfreq.h Examining data/lam-7.1.4/share/include/app_schema.h Examining data/lam-7.1.4/share/include/hreq.h Examining data/lam-7.1.4/share/include/all_queue.h Examining data/lam-7.1.4/share/include/vreq.h Examining data/lam-7.1.4/share/include/MPISYSF.h Examining data/lam-7.1.4/share/include/lam-ssi-coll.h Examining data/lam-7.1.4/share/include/mpi2cxx/pexception.h Examining data/lam-7.1.4/share/include/mpi2cxx/pgroup.h Examining data/lam-7.1.4/share/include/mpi2cxx/errhandler_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/constants.h Examining data/lam-7.1.4/share/include/mpi2cxx/pgroup_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/group_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/mpi2cxx_list.h Examining data/lam-7.1.4/share/include/mpi2cxx/file.h Examining data/lam-7.1.4/share/include/mpi2cxx/ptopology.h Examining data/lam-7.1.4/share/include/mpi2cxx/prequest_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pstatus.h Examining data/lam-7.1.4/share/include/mpi2cxx/intracomm.h Examining data/lam-7.1.4/share/include/mpi2cxx/info.h Examining data/lam-7.1.4/share/include/mpi2cxx/intracomm_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/datatype_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pstatus_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/topology_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pfile.h Examining data/lam-7.1.4/share/include/mpi2cxx/pop.h Examining data/lam-7.1.4/share/include/mpi2cxx/pinfo.h Examining data/lam-7.1.4/share/include/mpi2cxx/status.h Examining data/lam-7.1.4/share/include/mpi2cxx/errhandler.h Examining data/lam-7.1.4/share/include/mpi2cxx/win.h Examining data/lam-7.1.4/share/include/mpi2cxx/group.h Examining data/lam-7.1.4/share/include/mpi2cxx/info_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/intercomm.h Examining data/lam-7.1.4/share/include/mpi2cxx/intercomm_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pintracomm.h Examining data/lam-7.1.4/share/include/mpi2cxx/prequest.h Examining data/lam-7.1.4/share/include/mpi2cxx/op.h Examining data/lam-7.1.4/share/include/mpi2cxx/functions_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pcomm.h Examining data/lam-7.1.4/share/include/mpi2cxx/file_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pintercomm.h Examining data/lam-7.1.4/share/include/mpi2cxx/mpi2cxx_map.h Examining data/lam-7.1.4/share/include/mpi2cxx/pop_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/op_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/topology.h Examining data/lam-7.1.4/share/include/mpi2cxx/datatype.h Examining data/lam-7.1.4/share/include/mpi2cxx/win_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/request.h Examining data/lam-7.1.4/share/include/mpi2cxx/pmpicxx.h Examining data/lam-7.1.4/share/include/mpi2cxx/comm_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/exception.h Examining data/lam-7.1.4/share/include/mpi2cxx/status_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/pwin.h Examining data/lam-7.1.4/share/include/mpi2cxx/comm.h Examining data/lam-7.1.4/share/include/mpi2cxx/perrhandler.h Examining data/lam-7.1.4/share/include/mpi2cxx/request_inln.h Examining data/lam-7.1.4/share/include/mpi2cxx/functions.h Examining data/lam-7.1.4/share/include/mpi2cxx/pdatatype.h Examining data/lam-7.1.4/share/include/tstdio.h Examining data/lam-7.1.4/share/include/lamwrap.h Examining data/lam-7.1.4/share/include/mpitrace.h Examining data/lam-7.1.4/share/include/all_opt.h Examining data/lam-7.1.4/share/include/ktrace.h Examining data/lam-7.1.4/share/include/kio.h Examining data/lam-7.1.4/share/include/etc_misc.h Examining data/lam-7.1.4/share/include/lamnet.h Examining data/lam-7.1.4/share/include/impi-defs.h Examining data/lam-7.1.4/share/include/lam_ksignal.h Examining data/lam-7.1.4/share/include/lamdebug.h Examining data/lam-7.1.4/share/include/mpi_types.h Examining data/lam-7.1.4/share/include/lam-ssi-rpi.h Examining data/lam-7.1.4/share/include/portable.h Examining data/lam-7.1.4/share/include/sfh.h Examining data/lam-7.1.4/share/totalview/src/dll_lam.c Examining data/lam-7.1.4/share/totalview/src/mpi_interface.h Examining data/lam-7.1.4/share/totalview/src/lam_dll_defs.h Examining data/lam-7.1.4/share/memory/memory_hook.c Examining data/lam-7.1.4/share/memory/darwin7/scalable_malloc.h Examining data/lam-7.1.4/share/memory/darwin7/pthread_machdep.h Examining data/lam-7.1.4/share/memory/darwin7/pthread_spinlock.h Examining data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c Examining data/lam-7.1.4/share/memory/ptmalloc/t-test1.c Examining data/lam-7.1.4/share/memory/ptmalloc/munmap_wrapper.c Examining data/lam-7.1.4/share/memory/ptmalloc/thread-m.h Examining data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c Examining data/lam-7.1.4/share/memory/ptmalloc/lran2.h Examining data/lam-7.1.4/share/memory/ptmalloc/t-test.h Examining data/lam-7.1.4/share/memory/ptmalloc/ptmalloc_hook.c Examining data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.h Examining data/lam-7.1.4/share/memory/ptmalloc/t-test2.c Examining data/lam-7.1.4/share/memory/ptmalloc2/tst-mallocstate.c Examining data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c Examining data/lam-7.1.4/share/memory/ptmalloc2/thread-m.h Examining data/lam-7.1.4/share/memory/ptmalloc2/arena.c Examining data/lam-7.1.4/share/memory/ptmalloc2/lran2.h Examining data/lam-7.1.4/share/memory/ptmalloc2/t-test.h Examining data/lam-7.1.4/share/memory/ptmalloc2/thread-st.h Examining data/lam-7.1.4/share/memory/ptmalloc2/hooks.c Examining data/lam-7.1.4/share/memory/ptmalloc2/malloc.h Examining data/lam-7.1.4/share/memory/ptmalloc2/lam_ptmalloc2_hook.c Examining data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c Examining data/lam-7.1.4/share/memory/ptmalloc2/malloc.c Examining data/lam-7.1.4/share/kreq/kstate.c Examining data/lam-7.1.4/share/kreq/kattach.c Examining data/lam-7.1.4/share/kreq/ksend.c Examining data/lam-7.1.4/share/kreq/ksignal.c Examining data/lam-7.1.4/share/kreq/krecv.c Examining data/lam-7.1.4/share/kreq/clientio.c Examining data/lam-7.1.4/share/kreq/kdoom.c Examining data/lam-7.1.4/share/kreq/kexit.c Examining data/lam-7.1.4/share/kreq/couter.c Examining data/lam-7.1.4/share/kreq/ksr.c Examining data/lam-7.1.4/share/kreq/kenter.c Examining data/lam-7.1.4/share/kreq/kcreate.c Examining data/lam-7.1.4/share/kreq/ktrace.c Examining data/lam-7.1.4/share/kreq/kinit.c Examining data/lam-7.1.4/share/kreq/kdetach.c Examining data/lam-7.1.4/share/freq/rfsimplex.c Examining data/lam-7.1.4/share/freq/rfrename.c Examining data/lam-7.1.4/share/freq/rfstat.c Examining data/lam-7.1.4/share/freq/rflseek.c Examining data/lam-7.1.4/share/freq/lfopenfd.c Examining data/lam-7.1.4/share/freq/rf77.c Examining data/lam-7.1.4/share/freq/rfpathfind.c Examining data/lam-7.1.4/share/freq/rfaux.c Examining data/lam-7.1.4/share/freq/rfwrite.c Examining data/lam-7.1.4/share/freq/rfread.c Examining data/lam-7.1.4/share/freq/rfclose.c Examining data/lam-7.1.4/share/freq/rfopen.c Examining data/lam-7.1.4/share/freq/rfatexit.c Examining data/lam-7.1.4/share/freq/rfstate.c Examining data/lam-7.1.4/share/args/ndi_parse.c Examining data/lam-7.1.4/share/args/all_opt.c Examining data/lam-7.1.4/share/args/pdi_parse.c Examining data/lam-7.1.4/share/args/parse_id.c Examining data/lam-7.1.4/share/args/ndi_resolve.c Examining data/lam-7.1.4/share/args/all_argv.c Examining data/lam-7.1.4/share/args/do_args.c Examining data/lam-7.1.4/share/etc/nmsgconv.c Examining data/lam-7.1.4/share/etc/ieee.c Examining data/lam-7.1.4/share/etc/show_help.c Examining data/lam-7.1.4/share/etc/get_ncpus.c Examining data/lam-7.1.4/share/etc/rev.c Examining data/lam-7.1.4/share/etc/ttime.c Examining data/lam-7.1.4/share/etc/mpitr_dtype.c Examining data/lam-7.1.4/share/etc/all_list.c Examining data/lam-7.1.4/share/etc/T.c Examining data/lam-7.1.4/share/etc/all_queue.c Examining data/lam-7.1.4/share/etc/lamcommdebug.c Examining data/lam-7.1.4/share/etc/getworkdir.c Examining data/lam-7.1.4/share/etc/snprintf.c Examining data/lam-7.1.4/share/etc/ldtimer.c Examining data/lam-7.1.4/share/etc/pathsearch.c Examining data/lam-7.1.4/share/etc/all_squeue.c Examining data/lam-7.1.4/share/etc/mpitr_com.c Examining data/lam-7.1.4/share/etc/terror.c Examining data/lam-7.1.4/share/etc/fail.c Examining data/lam-7.1.4/share/etc/show_version.c Examining data/lam-7.1.4/share/etc/mpiformout.c Examining data/lam-7.1.4/share/etc/lamdebug.c Examining data/lam-7.1.4/share/etc/all_slist.c Examining data/lam-7.1.4/share/etc/all_shash.c Examining data/lam-7.1.4/share/etc/mrw.c Examining data/lam-7.1.4/share/etc/fork.c Examining data/lam-7.1.4/share/etc/blktype.c Examining data/lam-7.1.4/share/etc/trdrain_mpi.c Examining data/lam-7.1.4/share/etc/registry.c Examining data/lam-7.1.4/share/etc/combine.c Examining data/lam-7.1.4/share/etc/getinetaddr.c Examining data/lam-7.1.4/share/etc/prime.c Examining data/lam-7.1.4/share/etc/memucmp.c Examining data/lam-7.1.4/share/etc/vctable.c Examining data/lam-7.1.4/share/etc/itoa.c Examining data/lam-7.1.4/share/etc/lamlog.c Examining data/lam-7.1.4/share/etc/kiproc.c Examining data/lam-7.1.4/share/etc/atos.c Examining data/lam-7.1.4/share/etc/lamunix.c Examining data/lam-7.1.4/share/etc/lam_gethostby.c Examining data/lam-7.1.4/share/etc/pty.c Examining data/lam-7.1.4/share/etc/kill.c Examining data/lam-7.1.4/share/etc/f2cstring.c Examining data/lam-7.1.4/share/etc/microsleep.c Examining data/lam-7.1.4/share/etc/lam_gethostname.c Examining data/lam-7.1.4/share/etc/nodespin.c Examining data/lam-7.1.4/share/etc/all_array.c Examining data/lam-7.1.4/share/etc/lam_getpid.c Examining data/lam-7.1.4/share/etc/vsnprintf.c Examining data/lam-7.1.4/share/etc/mempool.c Examining data/lam-7.1.4/share/etc/strncpy.c Examining data/lam-7.1.4/share/etc/mpitr_dtprint.c Examining data/lam-7.1.4/share/etc/srfd.c Examining data/lam-7.1.4/share/etc/stoi.c Examining data/lam-7.1.4/share/etc/bootsockio.c Examining data/lam-7.1.4/share/etc/socket.c Examining data/lam-7.1.4/share/etc/few.c Examining data/lam-7.1.4/share/etc/all_hash.c Examining data/lam-7.1.4/share/etc/panic.c Examining data/lam-7.1.4/share/impi/iattr.c Examining data/lam-7.1.4/share/impi/iabort.c Examining data/lam-7.1.4/share/impi/regsyncack.c Examining data/lam-7.1.4/share/impi/ilsend.c Examining data/lam-7.1.4/share/impi/iinit.c Examining data/lam-7.1.4/share/impi/lamgiappe.c Examining data/lam-7.1.4/share/impi/regdatasyncinit.c Examining data/lam-7.1.4/share/impi/regsyncackinit.c Examining data/lam-7.1.4/share/impi/imk_dtype.c Examining data/lam-7.1.4/share/impi/ilisend.c Examining data/lam-7.1.4/share/impi/datasyncack.c Examining data/lam-7.1.4/share/impi/ilisendinit.c Examining data/lam-7.1.4/share/impi/regdatasync.c Examining data/lam-7.1.4/share/impi/ireduce.c Examining data/lam-7.1.4/share/impi/ihelpers.c Examining data/lam-7.1.4/share/impi/ifree_dtype.c Examining data/lam-7.1.4/share/impi/ifinalize.c Examining data/lam-7.1.4/share/libltdl/ltdl.h Examining data/lam-7.1.4/share/libltdl/ltdl.c Examining data/lam-7.1.4/share/boot/deallocate.c Examining data/lam-7.1.4/share/boot/asc_parse.c Examining data/lam-7.1.4/share/boot/asc_run.c Examining data/lam-7.1.4/share/boot/app_mgmt.c Examining data/lam-7.1.4/share/boot/hbootparse.c Examining data/lam-7.1.4/share/boot/proc_schema.c Examining data/lam-7.1.4/share/boot/asc_workdir.c Examining data/lam-7.1.4/share/boot/lamnet.c Examining data/lam-7.1.4/share/boot/bhostparse.c Examining data/lam-7.1.4/share/boot/asc_schedule.c Examining data/lam-7.1.4/share/trillium/rbfsweep.c Examining data/lam-7.1.4/share/trillium/rflat.c Examining data/lam-7.1.4/share/trillium/ldolinks.c Examining data/lam-7.1.4/share/trillium/rversion.c Examining data/lam-7.1.4/share/trillium/recho.c Examining data/lam-7.1.4/share/trillium/rbfstate.c Examining data/lam-7.1.4/share/trillium/rploadgo.c Examining data/lam-7.1.4/share/trillium/rtrsimplex.c Examining data/lam-7.1.4/share/trillium/lpdetach.c Examining data/lam-7.1.4/share/trillium/rflclean.c Examining data/lam-7.1.4/share/trillium/rpgo.c Examining data/lam-7.1.4/share/trillium/rget.c Examining data/lam-7.1.4/share/trillium/rpwait.c Examining data/lam-7.1.4/share/trillium/rhreq.c Examining data/lam-7.1.4/share/trillium/rtrget.c Examining data/lam-7.1.4/share/trillium/rbfparms.c Examining data/lam-7.1.4/share/trillium/rpcreate.c Examining data/lam-7.1.4/share/trillium/rbfwipe.c Examining data/lam-7.1.4/share/trillium/rpspawn.c Examining data/lam-7.1.4/share/trillium/lpattach.c Examining data/lam-7.1.4/share/trillium/rbfsweep1.c Examining data/lam-7.1.4/share/trillium/rpstate.c Examining data/lam-7.1.4/share/trillium/rpdoom.c Examining data/lam-7.1.4/share/trillium/rtrfget.c Examining data/lam-7.1.4/share/trillium/TRIL.c Examining data/lam-7.1.4/share/trillium/rtrstore.c Examining data/lam-7.1.4/share/trillium/rtrname.c Examining data/lam-7.1.4/share/trillium/lioattach.c Examining data/lam-7.1.4/share/trillium/rload.c Examining data/lam-7.1.4/share/trillium/rbflook.c Examining data/lam-7.1.4/share/mpi/f77/recv_f.c Examining data/lam-7.1.4/share/mpi/f77/waitsome_f.c Examining data/lam-7.1.4/share/mpi/f77/cartrank_f.c Examining data/lam-7.1.4/share/mpi/f77/gfree_f.c Examining data/lam-7.1.4/share/mpi/f77/wpost_f.c Examining data/lam-7.1.4/share/mpi/f77/cseterr_f.c Examining data/lam-7.1.4/share/mpi/f77/graphdimsget_f.c Examining data/lam-7.1.4/share/mpi/f77/testany_f.c Examining data/lam-7.1.4/share/mpi/f77/graphcreate_f.c Examining data/lam-7.1.4/share/mpi/f77/csetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/tgetconts_f.c Examining data/lam-7.1.4/share/mpi/f77/tcontig_f.c Examining data/lam-7.1.4/share/mpi/f77/gather_f.c Examining data/lam-7.1.4/share/mpi/f77/tstruct_f.c Examining data/lam-7.1.4/share/mpi/f77/getcount_f.c Examining data/lam-7.1.4/share/mpi/f77/accumulate_f.c Examining data/lam-7.1.4/share/mpi/f77/namepub_f.c Examining data/lam-7.1.4/share/mpi/f77/isthrmain_f.c Examining data/lam-7.1.4/share/mpi/f77/testcancel_f.c Examining data/lam-7.1.4/share/mpi/f77/csize_f.c Examining data/lam-7.1.4/share/mpi/f77/wgetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/sendrecvrep_f.c Examining data/lam-7.1.4/share/mpi/f77/bsendinit_f.c Examining data/lam-7.1.4/share/mpi/f77/gdiff_f.c Examining data/lam-7.1.4/share/mpi/f77/iprobe_f.c Examining data/lam-7.1.4/share/mpi/f77/crgroup_f.c Examining data/lam-7.1.4/share/mpi/f77/alltoall_f.c Examining data/lam-7.1.4/share/mpi/f77/tsize_f.c Examining data/lam-7.1.4/share/mpi/f77/pack_f.c Examining data/lam-7.1.4/share/mpi/f77/mpil_trace_f.c Examining data/lam-7.1.4/share/mpi/f77/reduce_f.c Examining data/lam-7.1.4/share/mpi/f77/tcreatestruct_f.c Examining data/lam-7.1.4/share/mpi/f77/wtime_f.c Examining data/lam-7.1.4/share/mpi/f77/startall_f.c Examining data/lam-7.1.4/share/mpi/f77/tsetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/errstring_f.c Examining data/lam-7.1.4/share/mpi/f77/graphget_f.c Examining data/lam-7.1.4/share/mpi/f77/cdup_f.c Examining data/lam-7.1.4/share/mpi/f77/tcreatehvector_f.c Examining data/lam-7.1.4/share/mpi/f77/start_f.c Examining data/lam-7.1.4/share/mpi/f77/gtranks_f.c Examining data/lam-7.1.4/share/mpi/f77/topotest_f.c Examining data/lam-7.1.4/share/mpi/f77/infofree_f.c Examining data/lam-7.1.4/share/mpi/f77/iccreate_f.c Examining data/lam-7.1.4/share/mpi/f77/tsetname_f.c Examining data/lam-7.1.4/share/mpi/f77/csetname_f.c Examining data/lam-7.1.4/share/mpi/f77/allreduce_f.c Examining data/lam-7.1.4/share/mpi/f77/icmerge_f.c Examining data/lam-7.1.4/share/mpi/f77/freemem_f.c Examining data/lam-7.1.4/share/mpi/f77/ssendinit_f.c Examining data/lam-7.1.4/share/mpi/f77/attrget_f.c Examining data/lam-7.1.4/share/mpi/f77/errclass_f.c Examining data/lam-7.1.4/share/mpi/f77/wsetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/alltoallw_f.c Examining data/lam-7.1.4/share/mpi/f77/wtick_f.c Examining data/lam-7.1.4/share/mpi/f77/gcmp_f.c Examining data/lam-7.1.4/share/mpi/f77/tdarray_f.c Examining data/lam-7.1.4/share/mpi/f77/wlock_f.c Examining data/lam-7.1.4/share/mpi/f77/sendinit_f.c Examining data/lam-7.1.4/share/mpi/f77/cgeterr_f.c Examining data/lam-7.1.4/share/mpi/f77/issend_f.c Examining data/lam-7.1.4/share/mpi/f77/cgetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/wgetname_f.c Examining data/lam-7.1.4/share/mpi/f77/crank_f.c Examining data/lam-7.1.4/share/mpi/f77/tfreekey_f.c Examining data/lam-7.1.4/share/mpi/f77/bufdetach_f.c Examining data/lam-7.1.4/share/mpi/f77/graphmap_f.c Examining data/lam-7.1.4/share/mpi/f77/initthr_f.c Examining data/lam-7.1.4/share/mpi/f77/crsize_f.c Examining data/lam-7.1.4/share/mpi/f77/cartcoords_f.c Examining data/lam-7.1.4/share/mpi/f77/wfence_f.c Examining data/lam-7.1.4/share/mpi/f77/grank_f.c Examining data/lam-7.1.4/share/mpi/f77/getelem_f.c Examining data/lam-7.1.4/share/mpi/f77/tsubarray_f.c Examining data/lam-7.1.4/share/mpi/f77/address_f.c Examining data/lam-7.1.4/share/mpi/f77/ccmp_f.c Examining data/lam-7.1.4/share/mpi/f77/wcreatekey_f.c Examining data/lam-7.1.4/share/mpi/f77/getaddress_f.c Examining data/lam-7.1.4/share/mpi/f77/cgetparent_f.c Examining data/lam-7.1.4/share/mpi/f77/spawn_f.c Examining data/lam-7.1.4/share/mpi/f77/graphnbrcount_f.c Examining data/lam-7.1.4/share/mpi/f77/waitany_f.c Examining data/lam-7.1.4/share/mpi/f77/opcreate_f.c Examining data/lam-7.1.4/share/mpi/f77/isend_f.c Examining data/lam-7.1.4/share/mpi/f77/tgetname_f.c Examining data/lam-7.1.4/share/mpi/f77/tcommit_f.c Examining data/lam-7.1.4/share/mpi/f77/allgatherv_f.c Examining data/lam-7.1.4/share/mpi/f77/spawnmult_f.c Examining data/lam-7.1.4/share/mpi/f77/accept_f.c Examining data/lam-7.1.4/share/mpi/f77/tub_f.c Examining data/lam-7.1.4/share/mpi/f77/rsend_f.c Examining data/lam-7.1.4/share/mpi/f77/tgetextent_f.c Examining data/lam-7.1.4/share/mpi/f77/ccreatekey_f.c Examining data/lam-7.1.4/share/mpi/f77/tindex_f.c Examining data/lam-7.1.4/share/mpi/f77/infoget_f.c Examining data/lam-7.1.4/share/mpi/f77/xcoloron_f.c Examining data/lam-7.1.4/share/mpi/f77/errset_f.c Examining data/lam-7.1.4/share/mpi/f77/xcoloroff_f.c Examining data/lam-7.1.4/share/mpi/f77/rsendinit_f.c Examining data/lam-7.1.4/share/mpi/f77/test_f.c Examining data/lam-7.1.4/share/mpi/f77/allocmem_f.c Examining data/lam-7.1.4/share/mpi/f77/infogetvlen_f.c Examining data/lam-7.1.4/share/mpi/f77/tfree_f.c Examining data/lam-7.1.4/share/mpi/f77/gunion_f.c Examining data/lam-7.1.4/share/mpi/f77/tresize_f.c Examining data/lam-7.1.4/share/mpi/f77/bufattach_f.c Examining data/lam-7.1.4/share/mpi/f77/cartdimget_f.c Examining data/lam-7.1.4/share/mpi/f77/tgettrue_f.c Examining data/lam-7.1.4/share/mpi/f77/wunlock_f.c Examining data/lam-7.1.4/share/mpi/f77/ccreateerr_f.c Examining data/lam-7.1.4/share/mpi/f77/errfree_f.c Examining data/lam-7.1.4/share/mpi/f77/infogetnth_f.c Examining data/lam-7.1.4/share/mpi/f77/reqfree_f.c Examining data/lam-7.1.4/share/mpi/f77/cdisconnect_f.c Examining data/lam-7.1.4/share/mpi/f77/gsize_f.c Examining data/lam-7.1.4/share/mpi/f77/tcreatehindex_f.c Examining data/lam-7.1.4/share/mpi/f77/getprocname_f.c Examining data/lam-7.1.4/share/mpi/f77/wseterr_f.c Examining data/lam-7.1.4/share/mpi/f77/pcontrol_f.c Examining data/lam-7.1.4/share/mpi/f77/wcreate_f.c Examining data/lam-7.1.4/share/mpi/f77/thindex_f.c Examining data/lam-7.1.4/share/mpi/f77/namelook_f.c Examining data/lam-7.1.4/share/mpi/f77/wfree_f.c Examining data/lam-7.1.4/share/mpi/f77/gincl_f.c Examining data/lam-7.1.4/share/mpi/f77/ibsend_f.c Examining data/lam-7.1.4/share/mpi/f77/probe_f.c Examining data/lam-7.1.4/share/mpi/f77/testsome_f.c Examining data/lam-7.1.4/share/mpi/f77/attrput_f.c Examining data/lam-7.1.4/share/mpi/f77/infoset_f.c Examining data/lam-7.1.4/share/mpi/f77/mpil_signal_f.c Examining data/lam-7.1.4/share/mpi/f77/ssend_f.c Examining data/lam-7.1.4/share/mpi/f77/tlb_f.c Examining data/lam-7.1.4/share/mpi/f77/ctestinter_f.c Examining data/lam-7.1.4/share/mpi/f77/tcreatekey_f.c Examining data/lam-7.1.4/share/mpi/f77/textent_f.c Examining data/lam-7.1.4/share/mpi/f77/infodup_f.c Examining data/lam-7.1.4/share/mpi/f77/wgroup_f.c Examining data/lam-7.1.4/share/mpi/f77/cgroup_f.c Examining data/lam-7.1.4/share/mpi/f77/keyfree_f.c Examining data/lam-7.1.4/share/mpi/f77/wdelattr_f.c Examining data/lam-7.1.4/share/mpi/f77/wfreekey_f.c Examining data/lam-7.1.4/share/mpi/f77/allgather_f.c Examining data/lam-7.1.4/share/mpi/f77/tvector_f.c Examining data/lam-7.1.4/share/mpi/f77/wcreateerr_f.c Examining data/lam-7.1.4/share/mpi/f77/portopen_f.c Examining data/lam-7.1.4/share/mpi/f77/infodel_f.c Examining data/lam-7.1.4/share/mpi/f77/unpack_f.c Examining data/lam-7.1.4/share/mpi/f77/finalized_f.c Examining data/lam-7.1.4/share/mpi/f77/portclose_f.c Examining data/lam-7.1.4/share/mpi/f77/tdelattr_f.c Examining data/lam-7.1.4/share/mpi/f77/alltoallv_f.c Examining data/lam-7.1.4/share/mpi/f77/send_f.c Examining data/lam-7.1.4/share/mpi/f77/getversion_f.c Examining data/lam-7.1.4/share/mpi/f77/irsend_f.c Examining data/lam-7.1.4/share/mpi/f77/cfreekey_f.c Examining data/lam-7.1.4/share/mpi/f77/gexcl_f.c Examining data/lam-7.1.4/share/mpi/f77/waitall_f.c Examining data/lam-7.1.4/share/mpi/f77/attrdel_f.c Examining data/lam-7.1.4/share/mpi/f77/recvinit_f.c Examining data/lam-7.1.4/share/mpi/f77/nameunpub_f.c Examining data/lam-7.1.4/share/mpi/f77/bcast_f.c Examining data/lam-7.1.4/share/mpi/f77/bsend_f.c Examining data/lam-7.1.4/share/mpi/f77/inited_f.c Examining data/lam-7.1.4/share/mpi/f77/irecv_f.c Examining data/lam-7.1.4/share/mpi/f77/get_f.c Examining data/lam-7.1.4/share/mpi/f77/testall_f.c Examining data/lam-7.1.4/share/mpi/f77/wcallerr_f.c Examining data/lam-7.1.4/share/mpi/f77/init_f.c Examining data/lam-7.1.4/share/mpi/f77/wtest_f.c Examining data/lam-7.1.4/share/mpi/f77/dupfn_f.c Examining data/lam-7.1.4/share/mpi/f77/wait_f.c Examining data/lam-7.1.4/share/mpi/f77/cartsub_f.c Examining data/lam-7.1.4/share/mpi/f77/graphnbr_f.c Examining data/lam-7.1.4/share/mpi/f77/scatterv_f.c Examining data/lam-7.1.4/share/mpi/f77/wgeterr_f.c Examining data/lam-7.1.4/share/mpi/f77/finalize_f.c Examining data/lam-7.1.4/share/mpi/f77/dimscreate_f.c Examining data/lam-7.1.4/share/mpi/f77/grincl_f.c Examining data/lam-7.1.4/share/mpi/f77/cartshift_f.c Examining data/lam-7.1.4/share/mpi/f77/connect_f.c Examining data/lam-7.1.4/share/mpi/f77/csplit_f.c Examining data/lam-7.1.4/share/mpi/f77/scan_f.c Examining data/lam-7.1.4/share/mpi/f77/tdup_f.c Examining data/lam-7.1.4/share/mpi/f77/barrier_f.c Examining data/lam-7.1.4/share/mpi/f77/keycreate_f.c Examining data/lam-7.1.4/share/mpi/f77/opfree_f.c Examining data/lam-7.1.4/share/mpi/f77/join_f.c Examining data/lam-7.1.4/share/mpi/f77/grexcl_f.c Examining data/lam-7.1.4/share/mpi/f77/errcreate_f.c Examining data/lam-7.1.4/share/mpi/f77/ginter_f.c Examining data/lam-7.1.4/share/mpi/f77/gatherv_f.c Examining data/lam-7.1.4/share/mpi/f77/xbuoy_f.c Examining data/lam-7.1.4/share/mpi/f77/abort_f.c Examining data/lam-7.1.4/share/mpi/f77/exscan_f.c Examining data/lam-7.1.4/share/mpi/f77/tgetenvl_f.c Examining data/lam-7.1.4/share/mpi/f77/reducescatter_f.c Examining data/lam-7.1.4/share/mpi/f77/infogetnkeys_f.c Examining data/lam-7.1.4/share/mpi/f77/packsize_f.c Examining data/lam-7.1.4/share/mpi/f77/cdelattr_f.c Examining data/lam-7.1.4/share/mpi/f77/wcomplete_f.c Examining data/lam-7.1.4/share/mpi/f77/wwait_f.c Examining data/lam-7.1.4/share/mpi/f77/ccreate_f.c Examining data/lam-7.1.4/share/mpi/f77/tgetattr_f.c Examining data/lam-7.1.4/share/mpi/f77/wsetname_f.c Examining data/lam-7.1.4/share/mpi/f77/cartget_f.c Examining data/lam-7.1.4/share/mpi/f77/mpil_id_f.c Examining data/lam-7.1.4/share/mpi/f77/scatter_f.c Examining data/lam-7.1.4/share/mpi/f77/cartcreate_f.c Examining data/lam-7.1.4/share/mpi/f77/cancel_f.c Examining data/lam-7.1.4/share/mpi/f77/cartmap_f.c Examining data/lam-7.1.4/share/mpi/f77/wstart_f.c Examining data/lam-7.1.4/share/mpi/f77/sendrecv_f.c Examining data/lam-7.1.4/share/mpi/f77/thvector_f.c Examining data/lam-7.1.4/share/mpi/f77/cfree_f.c Examining data/lam-7.1.4/share/mpi/f77/querythr_f.c Examining data/lam-7.1.4/share/mpi/f77/infocreate_f.c Examining data/lam-7.1.4/share/mpi/f77/errget_f.c Examining data/lam-7.1.4/share/mpi/f77/cgetname_f.c Examining data/lam-7.1.4/share/mpi/f77/put_f.c Examining data/lam-7.1.4/share/mpi/tfreekey.c Examining data/lam-7.1.4/share/mpi/tsetattr.c Examining data/lam-7.1.4/share/mpi/tfree.c Examining data/lam-7.1.4/share/mpi/lammisc.c Examining data/lam-7.1.4/share/mpi/iprobe.c Examining data/lam-7.1.4/share/mpi/crsize.c Examining data/lam-7.1.4/share/mpi/icmerge.c Examining data/lam-7.1.4/share/mpi/tgetextent.c Examining data/lam-7.1.4/share/mpi/tcreatehvector.c Examining data/lam-7.1.4/share/mpi/wsetattr.c Examining data/lam-7.1.4/share/mpi/lamtest.c Examining data/lam-7.1.4/share/mpi/testcancel.c Examining data/lam-7.1.4/share/mpi/portopen.c Examining data/lam-7.1.4/share/mpi/alltoallv.c Examining data/lam-7.1.4/share/mpi/wcreate.c Examining data/lam-7.1.4/share/mpi/gather.c Examining data/lam-7.1.4/share/mpi/lamdtype.c Examining data/lam-7.1.4/share/mpi/attrdel.c Examining data/lam-7.1.4/share/mpi/totalview/types.c Examining data/lam-7.1.4/share/mpi/exscan.c Examining data/lam-7.1.4/share/mpi/gcmp.c Examining data/lam-7.1.4/share/mpi/attrput.c Examining data/lam-7.1.4/share/mpi/gfree.c Examining data/lam-7.1.4/share/mpi/lamclocks.c Examining data/lam-7.1.4/share/mpi/freemem.c Examining data/lam-7.1.4/share/mpi/irsend.c Examining data/lam-7.1.4/share/mpi/ginter.c Examining data/lam-7.1.4/share/mpi/tindex.c Examining data/lam-7.1.4/share/mpi/graphget.c Examining data/lam-7.1.4/share/mpi/cartmap.c Examining data/lam-7.1.4/share/mpi/test.c Examining data/lam-7.1.4/share/mpi/tgetenvl.c Examining data/lam-7.1.4/share/mpi/inited.c Examining data/lam-7.1.4/share/mpi/tgetconts.c Examining data/lam-7.1.4/share/mpi/xcoloroff.c Examining data/lam-7.1.4/share/mpi/probe.c Examining data/lam-7.1.4/share/mpi/portclose.c Examining data/lam-7.1.4/share/mpi/cartshift.c Examining data/lam-7.1.4/share/mpi/xbuoy.c Examining data/lam-7.1.4/share/mpi/wait.c Examining data/lam-7.1.4/share/mpi/lamtrace.c Examining data/lam-7.1.4/share/mpi/irecv.c Examining data/lam-7.1.4/share/mpi/cfree.c Examining data/lam-7.1.4/share/mpi/alltoall.c Examining data/lam-7.1.4/share/mpi/recv.c Examining data/lam-7.1.4/share/mpi/bsend.c Examining data/lam-7.1.4/share/mpi/csetname.c Examining data/lam-7.1.4/share/mpi/wfence.c Examining data/lam-7.1.4/share/mpi/cgetattr.c Examining data/lam-7.1.4/share/mpi/wpost.c Examining data/lam-7.1.4/share/mpi/lamthreads.c Examining data/lam-7.1.4/share/mpi/cgeterr.c Examining data/lam-7.1.4/share/mpi/liblam-mpietc.c Examining data/lam-7.1.4/share/mpi/lamapps.c Examining data/lam-7.1.4/share/mpi/lamnbarrier.c Examining data/lam-7.1.4/share/mpi/allgatherv.c Examining data/lam-7.1.4/share/mpi/put.c Examining data/lam-7.1.4/share/mpi/wlock.c Examining data/lam-7.1.4/share/mpi/tgetattr.c Examining data/lam-7.1.4/share/mpi/wgetattr.c Examining data/lam-7.1.4/share/mpi/tdelattr.c Examining data/lam-7.1.4/share/mpi/wfreekey.c Examining data/lam-7.1.4/share/mpi/allreduce.c Examining data/lam-7.1.4/share/mpi/ccreate.c Examining data/lam-7.1.4/share/mpi/gatherv.c Examining data/lam-7.1.4/share/mpi/tlb.c Examining data/lam-7.1.4/share/mpi/tstruct.c Examining data/lam-7.1.4/share/mpi/wgroup.c Examining data/lam-7.1.4/share/mpi/testany.c Examining data/lam-7.1.4/share/mpi/tgettrue.c Examining data/lam-7.1.4/share/mpi/cartsub.c Examining data/lam-7.1.4/share/mpi/keycreate.c Examining data/lam-7.1.4/share/mpi/grank.c Examining data/lam-7.1.4/share/mpi/sendinit.c Examining data/lam-7.1.4/share/mpi/sendrecv.c Examining data/lam-7.1.4/share/mpi/getcount.c Examining data/lam-7.1.4/share/mpi/gincl.c Examining data/lam-7.1.4/share/mpi/lammpiinit.c Examining data/lam-7.1.4/share/mpi/scatterv.c Examining data/lam-7.1.4/share/mpi/init.c Examining data/lam-7.1.4/share/mpi/infofree.c Examining data/lam-7.1.4/share/mpi/address.c Examining data/lam-7.1.4/share/mpi/graphdimsget.c Examining data/lam-7.1.4/share/mpi/isthrmain.c Examining data/lam-7.1.4/share/mpi/errstring.c Examining data/lam-7.1.4/share/mpi/tsetname.c Examining data/lam-7.1.4/share/mpi/spawn.c Examining data/lam-7.1.4/share/mpi/errget.c Examining data/lam-7.1.4/share/mpi/lamonesided.c Examining data/lam-7.1.4/share/mpi/mpil_rgetname.c Examining data/lam-7.1.4/share/mpi/csetattr.c Examining data/lam-7.1.4/share/mpi/pack.c Examining data/lam-7.1.4/share/mpi/opfree.c Examining data/lam-7.1.4/share/mpi/cartcreate.c Examining data/lam-7.1.4/share/mpi/connect.c Examining data/lam-7.1.4/share/mpi/testsome.c Examining data/lam-7.1.4/share/mpi/ccreateerr.c Examining data/lam-7.1.4/share/mpi/graphmap.c Examining data/lam-7.1.4/share/mpi/wgeterr.c Examining data/lam-7.1.4/share/mpi/infodup.c Examining data/lam-7.1.4/share/mpi/wwait.c Examining data/lam-7.1.4/share/mpi/ccreatekey.c Examining data/lam-7.1.4/share/mpi/graphcreate.c Examining data/lam-7.1.4/share/mpi/keyfree.c Examining data/lam-7.1.4/share/mpi/wcreateerr.c Examining data/lam-7.1.4/share/mpi/tcontig.c Examining data/lam-7.1.4/share/mpi/gsize.c Examining data/lam-7.1.4/share/mpi/finalized.c Examining data/lam-7.1.4/share/mpi/bufattach.c Examining data/lam-7.1.4/share/mpi/unpack.c Examining data/lam-7.1.4/share/mpi/testall.c Examining data/lam-7.1.4/share/mpi/cgetparent.c Examining data/lam-7.1.4/share/mpi/getprocname.c Examining data/lam-7.1.4/share/mpi/wcreatekey.c Examining data/lam-7.1.4/share/mpi/crgroup.c Examining data/lam-7.1.4/share/mpi/isend.c Examining data/lam-7.1.4/share/mpi/grexcl.c Examining data/lam-7.1.4/share/mpi/cxx/op.cc Examining data/lam-7.1.4/share/mpi/cxx/comm.cc Examining data/lam-7.1.4/share/mpi/cxx/request.cc Examining data/lam-7.1.4/share/mpi/cxx/functions.cc Examining data/lam-7.1.4/share/mpi/cxx/info.cc Examining data/lam-7.1.4/share/mpi/cxx/status.cc Examining data/lam-7.1.4/share/mpi/cxx/group.cc Examining data/lam-7.1.4/share/mpi/cxx/intercomm.cc Examining data/lam-7.1.4/share/mpi/cxx/exception.cc Examining data/lam-7.1.4/share/mpi/cxx/file.cc Examining data/lam-7.1.4/share/mpi/cxx/topology.cc Examining data/lam-7.1.4/share/mpi/cxx/errhandler.cc Examining data/lam-7.1.4/share/mpi/cxx/datatype.cc Examining data/lam-7.1.4/share/mpi/cxx/pmpicxx.cc Examining data/lam-7.1.4/share/mpi/cxx/mpicxx.cc Examining data/lam-7.1.4/share/mpi/cxx/intracomm.cc Examining data/lam-7.1.4/share/mpi/cxx/win.cc Examining data/lam-7.1.4/share/mpi/cxx/intercepts.cc Examining data/lam-7.1.4/share/mpi/ssendinit.c Examining data/lam-7.1.4/share/mpi/accept.c Examining data/lam-7.1.4/share/mpi/wfree.c Examining data/lam-7.1.4/share/mpi/laminited.c Examining data/lam-7.1.4/share/mpi/cdelattr.c Examining data/lam-7.1.4/share/mpi/finalize.c Examining data/lam-7.1.4/share/mpi/wtest.c Examining data/lam-7.1.4/share/mpi/lamports.c Examining data/lam-7.1.4/share/mpi/mpil_rsetname.c Examining data/lam-7.1.4/share/mpi/wtick.c Examining data/lam-7.1.4/share/mpi/lamreduce.c Examining data/lam-7.1.4/share/mpi/handles.c Examining data/lam-7.1.4/share/mpi/cgroup.c Examining data/lam-7.1.4/share/mpi/getaddress.c Examining data/lam-7.1.4/share/mpi/alltoallw.c Examining data/lam-7.1.4/share/mpi/graphnbr.c Examining data/lam-7.1.4/share/mpi/dupfn.c Examining data/lam-7.1.4/share/mpi/infoget.c Examining data/lam-7.1.4/share/mpi/tdup.c Examining data/lam-7.1.4/share/mpi/wgetname.c Examining data/lam-7.1.4/share/mpi/opcreate.c Examining data/lam-7.1.4/share/mpi/reducescatter.c Examining data/lam-7.1.4/share/mpi/dimscreate.c Examining data/lam-7.1.4/share/mpi/errclass.c Examining data/lam-7.1.4/share/mpi/allocmem.c Examining data/lam-7.1.4/share/mpi/mpil_trace.c Examining data/lam-7.1.4/share/mpi/cfreekey.c Examining data/lam-7.1.4/share/mpi/allgather.c Examining data/lam-7.1.4/share/mpi/xcoloron.c Examining data/lam-7.1.4/share/mpi/bufdetach.c Examining data/lam-7.1.4/share/mpi/mpil_signal.c Examining data/lam-7.1.4/share/mpi/m2l.c Examining data/lam-7.1.4/share/mpi/tcreatestruct.c Examining data/lam-7.1.4/share/mpi/join.c Examining data/lam-7.1.4/share/mpi/lamcomm.c Examining data/lam-7.1.4/share/mpi/cartcoords.c Examining data/lam-7.1.4/share/mpi/wtime.c Examining data/lam-7.1.4/share/mpi/lamsig.c Examining data/lam-7.1.4/share/mpi/waitall.c Examining data/lam-7.1.4/share/mpi/gtranks.c Examining data/lam-7.1.4/share/mpi/lamcid.c Examining data/lam-7.1.4/share/mpi/lamdeferr.c Examining data/lam-7.1.4/share/mpi/gdiff.c Examining data/lam-7.1.4/share/mpi/lamsend.c Examining data/lam-7.1.4/share/mpi/errcreate.c Examining data/lam-7.1.4/share/mpi/lamunpack.c Examining data/lam-7.1.4/share/mpi/laminit.c Examining data/lam-7.1.4/share/mpi/abort.c Examining data/lam-7.1.4/share/mpi/mpil_id.c Examining data/lam-7.1.4/share/mpi/lamreceive.c Examining data/lam-7.1.4/share/mpi/namelook.c Examining data/lam-7.1.4/share/mpi/spawnmult.c Examining data/lam-7.1.4/share/mpi/cancel.c Examining data/lam-7.1.4/share/mpi/graphnbrcount.c Examining data/lam-7.1.4/share/mpi/tub.c Examining data/lam-7.1.4/share/mpi/gunion.c Examining data/lam-7.1.4/share/mpi/reduce.c Examining data/lam-7.1.4/share/mpi/getelem.c Examining data/lam-7.1.4/share/mpi/get.c Examining data/lam-7.1.4/share/mpi/wseterr.c Examining data/lam-7.1.4/share/mpi/cartdimget.c Examining data/lam-7.1.4/share/mpi/MPI.c Examining data/lam-7.1.4/share/mpi/infogetvlen.c Examining data/lam-7.1.4/share/mpi/cseterr.c Examining data/lam-7.1.4/share/mpi/libmpi-mpietc.c Examining data/lam-7.1.4/share/mpi/infoset.c Examining data/lam-7.1.4/share/mpi/wunlock.c Examining data/lam-7.1.4/share/mpi/textent.c Examining data/lam-7.1.4/share/mpi/wsetname.c Examining data/lam-7.1.4/share/mpi/tdarray.c Examining data/lam-7.1.4/share/mpi/cdisconnect.c Examining data/lam-7.1.4/share/mpi/lamupdown.c Examining data/lam-7.1.4/share/mpi/csize.c Examining data/lam-7.1.4/share/mpi/lampack.c Examining data/lam-7.1.4/share/mpi/accumulate.c Examining data/lam-7.1.4/share/mpi/mpietc.c Examining data/lam-7.1.4/share/mpi/tsize.c Examining data/lam-7.1.4/share/mpi/tgetname.c Examining data/lam-7.1.4/share/mpi/tcommit.c Examining data/lam-7.1.4/share/mpi/thindex.c Examining data/lam-7.1.4/share/mpi/ccmp.c Examining data/lam-7.1.4/share/mpi/initthr.c Examining data/lam-7.1.4/share/mpi/recvinit.c Examining data/lam-7.1.4/share/mpi/errset.c Examining data/lam-7.1.4/share/mpi/reqfree.c Examining data/lam-7.1.4/share/mpi/lamprocs.c Examining data/lam-7.1.4/share/mpi/rsendinit.c Examining data/lam-7.1.4/share/mpi/lampublish.c Examining data/lam-7.1.4/share/mpi/tsubarray.c Examining data/lam-7.1.4/share/mpi/infogetnth.c Examining data/lam-7.1.4/share/mpi/rsend.c Examining data/lam-7.1.4/share/mpi/gexcl.c Examining data/lam-7.1.4/share/mpi/bcast.c Examining data/lam-7.1.4/share/mpi/grincl.c Examining data/lam-7.1.4/share/mpi/barrier.c Examining data/lam-7.1.4/share/mpi/tcreatekey.c Examining data/lam-7.1.4/share/mpi/lamspawn.c Examining data/lam-7.1.4/share/mpi/sendrecvrep.c Examining data/lam-7.1.4/share/mpi/iccreate.c Examining data/lam-7.1.4/share/mpi/issend.c Examining data/lam-7.1.4/share/mpi/send.c Examining data/lam-7.1.4/share/mpi/namepub.c Examining data/lam-7.1.4/share/mpi/infocreate.c Examining data/lam-7.1.4/share/mpi/tresize.c Examining data/lam-7.1.4/share/mpi/startall.c Examining data/lam-7.1.4/share/mpi/errfree.c Examining data/lam-7.1.4/share/mpi/ctestinter.c Examining data/lam-7.1.4/share/mpi/attrget.c Examining data/lam-7.1.4/share/mpi/waitsome.c Examining data/lam-7.1.4/share/mpi/topotest.c Examining data/lam-7.1.4/share/mpi/lammemcpy.c Examining data/lam-7.1.4/share/mpi/cartget.c Examining data/lam-7.1.4/share/mpi/csplit.c Examining data/lam-7.1.4/share/mpi/nameunpub.c Examining data/lam-7.1.4/share/mpi/tcreatehindex.c Examining data/lam-7.1.4/share/mpi/lambuf.c Examining data/lam-7.1.4/share/mpi/wdelattr.c Examining data/lam-7.1.4/share/mpi/wcomplete.c Examining data/lam-7.1.4/share/mpi/cgetname.c Examining data/lam-7.1.4/share/mpi/lamreqs.c Examining data/lam-7.1.4/share/mpi/lamattr.c Examining data/lam-7.1.4/share/mpi/ssend.c Examining data/lam-7.1.4/share/mpi/querythr.c Examining data/lam-7.1.4/share/mpi/scatter.c Examining data/lam-7.1.4/share/mpi/wcallerr.c Examining data/lam-7.1.4/share/mpi/bsendinit.c Examining data/lam-7.1.4/share/mpi/start.c Examining data/lam-7.1.4/share/mpi/getversion.c Examining data/lam-7.1.4/share/mpi/pcontrol.c Examining data/lam-7.1.4/share/mpi/crank.c Examining data/lam-7.1.4/share/mpi/cdup.c Examining data/lam-7.1.4/share/mpi/waitany.c Examining data/lam-7.1.4/share/mpi/tvector.c Examining data/lam-7.1.4/share/mpi/ibsend.c Examining data/lam-7.1.4/share/mpi/thvector.c Examining data/lam-7.1.4/share/mpi/infogetnkeys.c Examining data/lam-7.1.4/share/mpi/infodel.c Examining data/lam-7.1.4/share/mpi/wstart.c Examining data/lam-7.1.4/share/mpi/cartrank.c Examining data/lam-7.1.4/share/mpi/packsize.c Examining data/lam-7.1.4/share/mpi/scan.c Examining data/lam-7.1.4/share/threads/lammutex.c Examining data/lam-7.1.4/share/threads/lamthreads.c Examining data/lam-7.1.4/share/threads/lamsemaphore.c Examining data/lam-7.1.4/share/threads/lamcondition.c Examining data/lam-7.1.4/share/ssi/rpi/lamd/src/lam-ssi-rpi-lamd.h Examining data/lam-7.1.4/share/ssi/rpi/lamd/src/ssi_rpi_lamd.c Examining data/lam-7.1.4/share/ssi/rpi/lamd/src/ssi_rpi_lamd_module.c Examining data/lam-7.1.4/share/ssi/rpi/lamd/src/rpi_lamd.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/sysv_common.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/rpi_sysv_macros.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/rpi_sysv_req.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/rpi_sysv.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv.c Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/rpi_sysv_proc.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_low.c Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/sysv_low.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_common.c Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/lam-ssi-rpi-sysv.h Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_module.c Examining data/lam-7.1.4/share/ssi/rpi/sysv/src/sysv_shmem.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_interval.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_module.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_bitmap.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_reqlist.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_bitmap.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_fast.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/lam-ssi-rpi-ib.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_tiny.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_hashmap.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_fast.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_api_map.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_long.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_util.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/lam-ssi-rpi-ib-config.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_dreg.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_util.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_recv_queue.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_unexpected.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_recv_queue.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_reqlist.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_cbuf.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_actions.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_ack.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_actions.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_req.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_tiny.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_long.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_dreg.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_interval.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_ack.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_recv_events.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_hashmap.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_send_queue.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_unexpected.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_send_queue.h Examining data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_recv_events.c Examining data/lam-7.1.4/share/ssi/rpi/ib/src/rpi_ib_proc.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/rpi_usysv_macros.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/rpi_usysv_req.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/rpi_usysv_proc.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/usysv_syncwrite.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/usysv_common.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/usysv_syncwrite_powerpc.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/usysv_shmem.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/lam-ssi-rpi-usysv.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv.c Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_shm.c Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/rpi_usysv.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/usysv_low.h Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_low.c Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_common.c Examining data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_module.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_util.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_cbuf.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_open.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_query.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_init.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_close.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_mem.c Examining data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_fault.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/rpi_crtcp_macros.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/rpi_crtcp_req.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/rpi_crtcp_proc.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/rpi_crtcp.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/crtcp_low.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_bookmarks_alltoall.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/lam-ssi-rpi-crtcp.h Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_module.c Examining data/lam-7.1.4/share/ssi/rpi/crtcp/src/rpi_crtcp_bookmarks.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_module.c Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp.c Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/rpi_tcp_proc.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/lam-ssi-rpi-tcp.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/rpi_tcp_req.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/rpi_tcp.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/tcp_low.h Examining data/lam-7.1.4/share/ssi/rpi/tcp/src/rpi_tcp_macros.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_long.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_cbuf.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_tiny.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_reqlist.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_module.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/lam-ssi-rpi-gm-config.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_recv_events.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_recv_events.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/lam-ssi-rpi-gm.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_send_queue.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_proc.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_fast.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_cr.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_dreg.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_cr.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_unexpected.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_recv_queue.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_long_get.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_interval.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_dreg.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_util.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_interval.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_ack.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_bookmarks_alltoall.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_ack.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_long.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_actions.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_send_queue.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_unexpected.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_req.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_reqlist.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_recv_queue.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/rpi_gm_tiny.h Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_util.c Examining data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_actions.c Examining data/lam-7.1.4/share/ssi/base/ssi_module_registry.c Examining data/lam-7.1.4/share/ssi/base/ssi_ao.c Examining data/lam-7.1.4/share/ssi/base/ssi_close.c Examining data/lam-7.1.4/share/ssi/base/ssi_module_check.c Examining data/lam-7.1.4/share/ssi/base/ssi_hostmap.c Examining data/lam-7.1.4/share/ssi/base/ssi_param.c Examining data/lam-7.1.4/share/ssi/base/ssi_module_compare.c Examining data/lam-7.1.4/share/ssi/base/ssi_mpi_param.c Examining data/lam-7.1.4/share/ssi/base/ssi_mpi_init_callback.c Examining data/lam-7.1.4/share/ssi/base/ssi_open.c Examining data/lam-7.1.4/share/ssi/base/ssi_mpi_module_select.c Examining data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c Examining data/lam-7.1.4/share/ssi/base/ssi_module_find.c Examining data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self_module.c Examining data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c Examining data/lam-7.1.4/share/ssi/crlam/self/src/lam-ssi-crlam-self.h Examining data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam_close.c Examining data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam_open.c Examining data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam.c Examining data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr_module.c Examining data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c Examining data/lam-7.1.4/share/ssi/crlam/blcr/src/lam-ssi-crlam-blcr.h Examining data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c Examining data/lam-7.1.4/share/ssi/boot/rsh/src/lam-ssi-boot-rsh.h Examining data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_module.c Examining data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_alg_tree.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_append_path.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_find_hostname.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_select.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_close.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_find_boot_schema.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_open.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_alg_linear.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_lamgrow.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_server.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_client.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_cmd_line.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_do_args.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_alg_linear_windowed.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_find_prefix.c Examining data/lam-7.1.4/share/ssi/boot/base/ssi_boot_alg_thread.c Examining data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c Examining data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_module.c Examining data/lam-7.1.4/share/ssi/boot/slurm/src/lam-ssi-boot-slurm.h Examining data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c Examining data/lam-7.1.4/share/ssi/boot/tm/src/lam-ssi-boot-tm.h Examining data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm.c Examining data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm_lamnode.h Examining data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm_bhost.c Examining data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm_module.c Examining data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc_lamnode.h Examining data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc_module.c Examining data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c Examining data/lam-7.1.4/share/ssi/boot/bproc/src/lam-ssi-boot-bproc.h Examining data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_module.c Examining data/lam-7.1.4/share/ssi/boot/globus/src/lam-ssi-boot-globus.h Examining data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_inetexec.c Examining data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_allgatherv.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_reduce_scatter.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/lam-ssi-coll-smp.h Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_bcast.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_scan.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_allreduce.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_module.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_util.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_allgather.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_reduce.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_barrier.c Examining data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_module.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/lam-ssi-coll-shmem.h Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_allgather.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_gather.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_bcast.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_barrier.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_reduce.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_alltoall.c Examining data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_scatter.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_checkpoint.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_init_comm.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_query.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_finalize_comm.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_close.c Examining data/lam-7.1.4/share/ssi/coll/base/ssi_coll_get_param.c Examining data/lam-7.1.4/share/ssi/coll/impi/src/ssi_coll_impi_barrier.c Examining data/lam-7.1.4/share/ssi/coll/impi/src/ssi_coll_impi_module.c Examining data/lam-7.1.4/share/ssi/coll/impi/src/ssi_coll_impi_bcast.c Examining data/lam-7.1.4/share/ssi/coll/impi/src/lam-ssi-coll-impi.h Examining data/lam-7.1.4/share/ssi/coll/impi/src/ssi_coll_impi.c Examining data/lam-7.1.4/share/ssi/coll/impi/src/ssi_coll_impi_reduce.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_scan.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_alltoallv.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_allgather.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_util.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_bcast.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_barrier.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_module.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_allgatherv.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_allreduce.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_exscan.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_reduce.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_gatherv.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_scatterv.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_reduce_scatter.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_gather.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/lam-ssi-coll-lam-basic.h Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_scatter.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_alltoall.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic_alltoallw.c Examining data/lam-7.1.4/share/ssi/coll/lam_basic/src/ssi_coll_lam_basic.c Examining data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self.c Examining data/lam-7.1.4/share/ssi/crmpi/self/src/lam-ssi-crmpi-self.h Examining data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self_module.c Examining data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi_open.c Examining data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi_lock.c Examining data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi_query.c Examining data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi_close.c Examining data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi.c Examining data/lam-7.1.4/share/ssi/crmpi/blcr/src/ssi_crmpi_blcr.c Examining data/lam-7.1.4/share/ssi/crmpi/blcr/src/ssi_crmpi_blcr_module.c Examining data/lam-7.1.4/share/ssi/crmpi/blcr/src/lam-ssi-crmpi-blcr.h FINAL RESULTS: data/lam-7.1.4/romio/adio/common/ad_fstype.c:101:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. err = readlink(filename, linkbuf, PATH_MAX+1); data/lam-7.1.4/share/etc/pty.c:202:5: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. chown(pts_name, getuid(), gid); data/lam-7.1.4/share/etc/pty.c:203:5: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. chmod(pts_name, S_IRUSR | S_IWUSR); data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_inetexec.c:106:5: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(printable, cmdv[i], BUFSIZ); data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_inetexec.c:107:5: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(printable, " ", BUFSIZ); data/lam-7.1.4/examples/romio/simple.c:55:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/examples/romio/simple.c:72:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/examples/romio/simple.c:73:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/otb/bfctl/bfctl.c:81:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/bfctl/bfctl.c:101:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/bfctl/bfctl.c:110:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/bfstate/bfstate.c:77:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/bfstate/bfstate.c:115:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/bfstate/bfstate.c:125:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/doom/doom.c:80:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/doom/doom.c:95:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/doom/doom.c:100:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/doom/doom.c:121:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fctl/fctl.c:78:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fctl/fctl.c:100:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fctl/fctl.c:109:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/filedr/filedr.c:94:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/filedr/filedr.c:360:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/filedr/filedr.c:400:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fstate/fstate.c:79:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fstate/fstate.c:113:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/fstate/fstate.c:132:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/ipcdr/ipcdr.c:92:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/ipcdr/ipcdr.c:114:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/ipcdr/ipcdr.c:169:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/lamexec/lamexec.c:124:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/lamexec/lamexec.c:246:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/lamexec/lamexec.c:259:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/lamexec/lamexec.c:286:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fmtbuf, smallbuf); data/lam-7.1.4/otb/lamexec/lamexec.c:291:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fmtbuf, ao_param(ad, "s", 0, 0)); data/lam-7.1.4/otb/lamexec/lamexec.c:306:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fmtbuf, qarg); data/lam-7.1.4/otb/lamexec/lamexec.c:320:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fmtbuf, qarg); data/lam-7.1.4/otb/lamexec/lamexec.c:333:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, syntaxerr, lineno); data/lam-7.1.4/otb/lamexec/lamexec.c:553:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, smallbuf); data/lam-7.1.4/otb/lamexec/lamexec.c:568:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, smallbuf); data/lam-7.1.4/otb/lamexec/lamexec.c:575:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, smallbuf); data/lam-7.1.4/otb/lamexec/lamexec.c:596:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, smallbuf); data/lam-7.1.4/otb/lamgrow/lamgrow.c:520:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(context); data/lam-7.1.4/otb/loadgo/loadgo.c:100:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/loadgo/loadgo.c:126:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/loadgo/loadgo.c:135:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/mpimsg/mpimsg.c:197:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(HDR_FMT, "SRC (GPS/L)", "DEST (GPS/L)", "TAG", data/lam-7.1.4/otb/mpimsg/mpimsg.c:200:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(HDR_FMT, "SRC (G/L)", "DEST (G/L)", "TAG", data/lam-7.1.4/otb/mpimsg/mpimsg.c:315:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(BODY_FMT, src_str, dest_str, tag_str, data/lam-7.1.4/otb/mpimsg/mpitr_data.c:550:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fmtbuf, isprint(c) ? "%4c" : "%4u", c & 0xFF); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:581:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fmtbuf, isprint(c) ? "%4c" : "%4u", c & 0xFF); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:771:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%1s", (i) ? "F" : "T"); data/lam-7.1.4/otb/mpirun/mpirun.c:761:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, syntaxerr, lineno); data/lam-7.1.4/otb/mpirun/mpirun.c:1552:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(*src, suffix); data/lam-7.1.4/otb/mpirun/mpirun.c:1584:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg_string, "%s\n%s\n", server_string, rank_string); data/lam-7.1.4/otb/mpirun/totalview.c:151:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(tv_argv[0], tv_argv); data/lam-7.1.4/otb/mpirun/totalview.c:229:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MPIR_proctable[i].host_name, name); data/lam-7.1.4/otb/mpirun/totalview.c:254:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MPIR_proctable[j].executable_name, pp->asc_args->apa_argv[0]); data/lam-7.1.4/otb/mpirun/totalview.c:268:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MPIR_proctable[j].executable_name, cwd); data/lam-7.1.4/otb/mpirun/totalview.c:270:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(MPIR_proctable[j].executable_name, data/lam-7.1.4/otb/mpirun/totalview.c:290:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MPIR_proctable[j].executable_name, cwd); data/lam-7.1.4/otb/mpirun/totalview.c:292:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(MPIR_proctable[j].executable_name, pp->asc_args->apa_argv[0]); data/lam-7.1.4/otb/mpirun/totalview.c:304:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MPIR_proctable[j].executable_name, executable_path); data/lam-7.1.4/otb/mpirun/totalview.c:353:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s", inet_ntoa(links[node].dol_addr.sin_addr)); data/lam-7.1.4/otb/mpitask/mpitask.c:155:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(FORMAT, "TASK (GPS/L)", "FUNCTION", "PEER|ROOT", data/lam-7.1.4/otb/mpitask/mpitask.c:158:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(FORMAT, "TASK (G/L)", "FUNCTION", "PEER|ROOT", data/lam-7.1.4/otb/mpitask/mpitask.c:282:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", data/lam-7.1.4/otb/mpitask/mpitask.c:326:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(func_str, data/lam-7.1.4/otb/mpitask/mpitask.c:404:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:421:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:444:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:466:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:484:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:504:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:536:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:559:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(func_str, "%s", mpiblktype(fyi->fyp_func)); data/lam-7.1.4/otb/mpitask/mpitask.c:583:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(FORMAT, task_str, func_str, peer_str, data/lam-7.1.4/otb/mpitask/mpitask.c:650:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, p); data/lam-7.1.4/otb/state/state.c:89:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/state/state.c:107:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/state/state.c:116:3: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage); data/lam-7.1.4/otb/state/state.c:298:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer, "%s", data/lam-7.1.4/otb/state/state.c:316:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer, "%s (%s)", data/lam-7.1.4/otb/state/state.c:327:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buffer, fmt, data/lam-7.1.4/otb/sys/filed/fface.c:94:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. { return(system(cmd)); } data/lam-7.1.4/otb/sys/filed/fface.c:100:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. { return(access(path, mode)); } data/lam-7.1.4/otb/sys/filed/fqopen.c:199:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->f_name, fbuf); data/lam-7.1.4/otb/sys/filed/fqopen.c:236:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fbuf, ttyname(1)); data/lam-7.1.4/otb/sys/filed/fqopen.c:262:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fbuf, ttyname(2)); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:276:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(f->f_name, fname); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:290:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fstdin,"%s-stdin", fbuf); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:291:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fstdout,"%s-stdout", fbuf); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:292:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fstderr,"%s-stderr", fbuf); data/lam-7.1.4/otb/sys/filed/fqsimplex.c:401:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fbuf, of->f_name); data/lam-7.1.4/otb/sys/filed/fqstate.c:84:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p->fs_name, f->f_name); data/lam-7.1.4/otb/sys/haltd/haltd.c:249:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(argv[0], argv); data/lam-7.1.4/otb/sys/kenyad/pqdetach.c:238:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pattach->p_argv[0], pq.pq_name); data/lam-7.1.4/otb/sys/kenyad/pqdetach.c:259:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pattach->p_loadpt, pq.pq_name); data/lam-7.1.4/otb/sys/kernel/kernelio.c:682:5: [4] (shell) execle: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execle(LAM_BINDIR "/tkill", "tkill", "-setsid", "-d", "-debug-output", data/lam-7.1.4/otb/sys/kernel/kernelio.c:685:5: [4] (shell) execle: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execle(LAM_BINDIR "/tkill", "tkill", "-setsid", NULL, environ); data/lam-7.1.4/otb/sys/kernel/kouter.c:357:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buffer, format, states[p->kp_state], data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:88:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(piofs_statfs.name, path); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:97:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(piofs_create.name, fd->filename); data/lam-7.1.4/romio/adio/common/ad_hints.c:258:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fd->hints->cb_config_list, value); data/lam-7.1.4/romio/adio/common/ad_hints.c:276:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fd->hints->cb_config_list, ADIOI_CB_CONFIG_LIST_DFLT); data/lam-7.1.4/romio/adio/common/cb_config_list.c:337:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cur_procname, yylval); data/lam-7.1.4/romio/adio/common/malloc.c:27:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define FPRINTF fprintf data/lam-7.1.4/romio/adio/common/shfp_fname.c:36:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fd->shared_fp_fname, fd->filename); data/lam-7.1.4/romio/adio/common/shfp_fname.c:45:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fd->shared_fp_fname + 1, fd->filename); data/lam-7.1.4/romio/adio/common/shfp_fname.c:55:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(slash + 2, ptr + 1); data/lam-7.1.4/romio/adio/common/shfp_fname.c:59:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fd->shared_fp_fname, tmp); data/lam-7.1.4/romio/adio/include/adioi.h:407:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define FPRINTF fprintf data/lam-7.1.4/romio/mpi2-other/info/info_getnth.c:72:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(key, curr->key); data/lam-7.1.4/romio/test/async.c:40:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/async.c:57:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/romio/test/async.c:58:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/romio/test/atomicity.c:44:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/coll_perf.c:49:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/coll_test.c:49:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/error.c:40:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/error.c:52:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/romio/test/error.c:53:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/romio/test/excl.c:34:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/file_info.c:38:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/i_noncontig.c:46:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/large_array.c:48:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/noncontig.c:46:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/noncontig_coll.c:45:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/noncontig_coll2.c:29:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define FPRINTF fprintf data/lam-7.1.4/romio/test/noncontig_coll2.c:338:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/perf.c:41:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/psimple.c:42:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/psimple.c:59:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/romio/test/psimple.c:60:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/romio/test/shared_fp.c:37:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/simple.c:39:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/simple.c:56:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/romio/test/simple.c:57:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/romio/test/split_coll.c:49:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/status.c:37:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, *argv); data/lam-7.1.4/romio/test/status.c:52:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, filename); data/lam-7.1.4/romio/test/status.c:53:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s.%d", tmp, rank); data/lam-7.1.4/share/args/all_argv.c:63:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((*argv)[*argc], arg); data/lam-7.1.4/share/args/all_opt.c:437:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p->aoo_string, opt); data/lam-7.1.4/share/boot/asc_parse.c:774:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(var, v); data/lam-7.1.4/share/boot/asc_parse.c:776:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(var, val); data/lam-7.1.4/share/boot/bhostparse.c:362:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lamnet[node].lnd_hname, host); data/lam-7.1.4/share/boot/bhostparse.c:377:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lamnet[node].lnd_uname, user); data/lam-7.1.4/share/boot/hbootparse.c:233:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(override, var); data/lam-7.1.4/share/boot/hbootparse.c:235:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(override, opt); data/lam-7.1.4/share/boot/proc_schema.c:170:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(full, prefix); data/lam-7.1.4/share/boot/proc_schema.c:171:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(full, p->psc_argv[0]); data/lam-7.1.4/share/boot/proc_schema.c:173:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(full, R_OK | X_OK)) { data/lam-7.1.4/share/etc/few.c:54:3: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(argv[0], argv); data/lam-7.1.4/share/etc/lam_gethostby.c:100:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(h_byname_name, tmp); data/lam-7.1.4/share/etc/lam_gethostby.c:163:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(h_byaddr_name, tmp); data/lam-7.1.4/share/etc/lam_gethostname.c:65:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, tmp); data/lam-7.1.4/share/etc/lamdebug.c:161:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(filename, lds->lds_file_suffix); data/lam-7.1.4/share/etc/lamdebug.c:313:7: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. syslog(ldi->ldi_syslog_priority, str); data/lam-7.1.4/share/etc/lamdebug.c:318:7: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(temp_str); data/lam-7.1.4/share/etc/lamdebug.c:325:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, temp_str); data/lam-7.1.4/share/etc/mpiformout.c:205:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, (full) ? dtfull[dtype] : dtshort[dtype]); data/lam-7.1.4/share/etc/mpitr_dtprint.c:108:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(obuf, "%sinvalid datatype: %d", prefix, dtype); data/lam-7.1.4/share/etc/mpitr_dtprint.c:118:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(obuf, prefix); data/lam-7.1.4/share/etc/mpitr_dtprint.c:119:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(obuf, dtbasic[dtype]); data/lam-7.1.4/share/etc/mpitr_dtprint.c:126:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(obuf, "%sunknown datatype: %d", prefix, dtype); data/lam-7.1.4/share/etc/mpitr_dtprint.c:245:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%s\n", dtbasic[dtype]); data/lam-7.1.4/share/etc/mpitr_dtprint.c:246:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:267:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%s (%d)", dtbasic[TRDTCONTIG], (*dtrace)->trd_count); data/lam-7.1.4/share/etc/mpitr_dtprint.c:269:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:294:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%s (%d x %d, %d)", dtbasic[dtype], data/lam-7.1.4/share/etc/mpitr_dtprint.c:298:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:329:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%s (%d)", dtbasic[dtype], count); data/lam-7.1.4/share/etc/mpitr_dtprint.c:331:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:340:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:370:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmtbuf, "%s (%d)\n", dtbasic[TRDTSTRUCT], count); data/lam-7.1.4/share/etc/mpitr_dtprint.c:372:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:385:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (obuf) strcat(obuf, fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:415:22: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (colcount == 0) strcat(obuf, prefix); data/lam-7.1.4/share/etc/nodespin.c:49:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s...", nid_fmt(node)); data/lam-7.1.4/share/etc/pathsearch.c:107:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pfix, env); data/lam-7.1.4/share/etc/pathsearch.c:108:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(pfix, delimit); data/lam-7.1.4/share/etc/pathsearch.c:233:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fullpath, path); data/lam-7.1.4/share/etc/pathsearch.c:234:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fullpath, STRSDIR); data/lam-7.1.4/share/etc/pathsearch.c:235:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fullpath, fname); data/lam-7.1.4/share/etc/pathsearch.c:237:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fullpath, fname); data/lam-7.1.4/share/etc/pathsearch.c:243:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(fullpath, mode)) { data/lam-7.1.4/share/etc/pty.c:123:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pts_name, ptr); data/lam-7.1.4/share/etc/registry.c:158:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%c %s\n", type, obj); data/lam-7.1.4/share/etc/registry.c:223:12: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. while (fscanf(f, "%c %s\n", &type, obj) == 2) { data/lam-7.1.4/share/etc/registry.c:271:14: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. while (fscanf(f, "%c %s\n", &type, obj) == 2) { data/lam-7.1.4/share/etc/show_help.c:109:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(ret, env); data/lam-7.1.4/share/etc/show_help.c:208:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, line); data/lam-7.1.4/share/etc/show_help.c:235:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, line); data/lam-7.1.4/share/etc/show_help.c:247:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "-*-%s:%s-*-", program, topic); data/lam-7.1.4/share/etc/show_help.c:260:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, line); data/lam-7.1.4/share/etc/show_help.c:273:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, line); data/lam-7.1.4/share/etc/socket.c:239:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(server_un.sun_path, addr_file); data/lam-7.1.4/share/etc/socket.c:320:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(server_un.sun_path, addr_file); data/lam-7.1.4/share/etc/vsnprintf.c:200:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(sarg, format, arglist2); data/lam-7.1.4/share/impi/iinit.c:125:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf((char *) msg.nh_msg, "%s %s", server_string, rank_string); data/lam-7.1.4/share/include/etc_misc.h:156:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf lam_snprintf data/lam-7.1.4/share/include/etc_misc.h:158:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. int snprintf(char *str, int len, char *fmt, ...); data/lam-7.1.4/share/include/lamdebug.h:62:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DBUG if (fl_debug) printf data/lam-7.1.4/share/include/lamdebug.h:63:34: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define VERBOSE if (fl_verbose) printf data/lam-7.1.4/share/kreq/kcreate.c:146:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(pathname, argv); data/lam-7.1.4/share/libltdl/ltdl.c:275:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, str); data/lam-7.1.4/share/libltdl/ltdl.c:848:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. lt_ptr system; /* system specific data */ data/lam-7.1.4/share/libltdl/ltdl.c:1346:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (searchname, "%s.", filename); data/lam-7.1.4/share/libltdl/ltdl.c:2507:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (filename, "%.*s/%s", (int) dirname_len, dirname, dlname); data/lam-7.1.4/share/libltdl/ltdl.c:2716:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename, dir_name); data/lam-7.1.4/share/libltdl/ltdl.c:2722:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filename +lendir, base_name); data/lam-7.1.4/share/libltdl/ltdl.c:2794:19: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int notfound = access (filename, R_OK); data/lam-7.1.4/share/libltdl/ltdl.c:2928:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (name, "lib%s", p+2); data/lam-7.1.4/share/libltdl/ltdl.c:3503:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tmp, filename); data/lam-7.1.4/share/libltdl/ltdl.c:3504:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tmp, archive_ext); data/lam-7.1.4/share/libltdl/ltdl.c:3527:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tmp, filename); data/lam-7.1.4/share/libltdl/ltdl.c:3534:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp, shlib_ext); data/lam-7.1.4/share/libltdl/ltdl.c:3663:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (buf, dirnam); data/lam-7.1.4/share/libltdl/ltdl.c:3916:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->loader->sym_prefix); data/lam-7.1.4/share/libltdl/ltdl.c:3917:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, handle->info.name); data/lam-7.1.4/share/libltdl/ltdl.c:3921:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->info.name); data/lam-7.1.4/share/libltdl/ltdl.c:3925:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/lam-7.1.4/share/libltdl/ltdl.c:3943:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, handle->loader->sym_prefix); data/lam-7.1.4/share/libltdl/ltdl.c:3944:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sym, symbol); data/lam-7.1.4/share/libltdl/ltdl.c:3948:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sym, symbol); data/lam-7.1.4/share/mpi/errstring.c:145:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, p); data/lam-7.1.4/share/mpi/errstring.c:150:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, mpierrmsg[class]); data/lam-7.1.4/share/mpi/infodel.c:72:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(search.ie_key, key); data/lam-7.1.4/share/mpi/infoget.c:85:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(search.ie_key, key); data/lam-7.1.4/share/mpi/infoget.c:91:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, found->ie_value); data/lam-7.1.4/share/mpi/infogetnth.c:68:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(key, p->ie_key); data/lam-7.1.4/share/mpi/infogetvlen.c:81:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(search.ie_key, key); data/lam-7.1.4/share/mpi/infoset.c:93:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newinfo.ie_key, key); data/lam-7.1.4/share/mpi/infoset.c:94:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newval, value); data/lam-7.1.4/share/mpi/lamdeferr.c:178:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s %d", type, cid); data/lam-7.1.4/share/mpi/lammpiinit.c:1710:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dtype->dt_name, name); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:241:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(prefix, len, module_template, params->type); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:244:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(prefix, params->name); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:522:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buffer, BUFSIZ, module_template, type); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:523:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer, name); data/lam-7.1.4/share/ssi/base/ssi_param.c:277:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(param.lsbp_full_name, module_name); data/lam-7.1.4/share/ssi/base/ssi_param.c:281:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(param.lsbp_full_name, param_name); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:118:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(cmdv[0], cmdv); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_lamgrow.c:107:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostip, inet_ntoa(*((struct in_addr *)h->h_addr))); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_lamgrow.c:132:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(n[i].lnd_hname, inet_ntoa(links[i].dol_addr.sin_addr)); data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:301:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, argv[i]); data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:306:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, delim_str); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:1003:5: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(srun_argv[0], srun_argv); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:1034:7: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(argv[0], argv); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:1157:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, path_name); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:621:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp, suffix); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:731:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp_as, asc_line); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:850:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(call_checkpoint) == -1) { data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:897:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(tmp) == -1) { data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:673:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tmp_as, asc_line); data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:690:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(appschema_argv_line, tmp_as); data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib.c:190:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lam_ssi_rpi_ib_hca_id,lam_ssi_base_param_lookup_string(param_hca_id)); data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib.c:204:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lam_ssi_rpi_ib_hca_id, hca_id_buf[0]); data/lam-7.1.4/share/totalview/src/dll_lam.c:600:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comm->name, c_info.name); data/lam-7.1.4/share/trillium/rget.c:149:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p, nhead.nh_msg); data/lam-7.1.4/share/trillium/rhreq.c:205:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name, "%s", inet_ntoa(links[nodeid].dol_addr.sin_addr)); data/lam-7.1.4/share/trillium/rpcreate.c:115:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(request.pq_name, filename); data/lam-7.1.4/share/trillium/rtrname.c:78:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, name); data/lam-7.1.4/share/trillium/rtrname.c:79:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf + strlen(name) + 1, data); data/lam-7.1.4/share/trillium/rtrname.c:252:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*data, buf); data/lam-7.1.4/share/tstdio/tscan.c:1011:1: [4] (buffer) vscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vscanf(fmt, ap) data/lam-7.1.4/share/tstdio/tscan.c:1029:1: [4] (buffer) vsscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. vsscanf(str, fmt, ap) data/lam-7.1.4/tools/hboot/hboot.c:375:4: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(p->psc_argv[0], p->psc_argv); data/lam-7.1.4/tools/lamboot/lamboot.c:144:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(cmdv[0], X_OK) == -1) { data/lam-7.1.4/tools/wipe/wipe.c:122:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(cmdv[0], X_OK) == -1) { data/lam-7.1.4/otb/lamexec/lamexec.c:520:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((appdir = getenv("LAMAPPLDIR"))) { data/lam-7.1.4/otb/mpirun/mpirun.c:1167:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((appdir = getenv("LAMAPPLDIR"))) { data/lam-7.1.4/otb/sys/filed/fface.c:84:10: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. { return(getwd(dir)); } data/lam-7.1.4/otb/sys/impid/client.c:248:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("IMPI_AUTH_NONE") != 0) data/lam-7.1.4/otb/sys/impid/client.c:250:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("IMPI_AUTH_KEY")) data/lam-7.1.4/otb/sys/impid/client.c:296:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *key = getenv("IMPI_AUTH_KEY"); data/lam-7.1.4/otb/sys/impid/client.c:454:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv("LAM_IMPI_COLL_XSIZE")) != NULL) data/lam-7.1.4/otb/sys/impid/client.c:488:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv("LAM_IMPI_COLL_MAXLINEAR")) != NULL) data/lam-7.1.4/otb/sys/impid/dance.c:118:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. hostname = getenv("IMPI_HOST_NAME"); data/lam-7.1.4/otb/sys/impid/router.cc:84:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((toverride = getenv("LAM_IMPID_SPIN_TIMEOUT")) != NULL) { data/lam-7.1.4/romio/adio/common/ad_init.c:79:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. c = getenv("MPIO_DIRECT_READ"); data/lam-7.1.4/romio/adio/common/ad_init.c:83:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. c = getenv("MPIO_DIRECT_WRITE"); data/lam-7.1.4/share/boot/asc_parse.c:771:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((val = getenv(v))) { data/lam-7.1.4/share/etc/getworkdir.c:52:6: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. if (getwd(cwd)) { data/lam-7.1.4/share/etc/kill.c:104:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((tmp = getenv(LAM_PREFIX_ENV)) != NULL) { data/lam-7.1.4/share/etc/kill.c:106:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((tmp = getenv("TMPDIR")) != NULL) { data/lam-7.1.4/share/etc/kill.c:136:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((tmp = getenv(LAM_SUFFIX_ENV)) != NULL) { data/lam-7.1.4/share/etc/kill.c:138:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((tmp = getenv("LAM_MPI_SOCKET_SUFFIX")) != NULL) { data/lam-7.1.4/share/etc/kill.c:553:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("PBS_ENVIRONMENT") != NULL && data/lam-7.1.4/share/etc/kill.c:554:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (tmp = getenv("PBS_JOBID")) != NULL) { data/lam-7.1.4/share/etc/kill.c:561:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((tmp = getenv("SLURM_JOBID")) != NULL) { data/lam-7.1.4/share/etc/kill.c:568:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((tmp = getenv("LSB_JOBID")) != NULL && data/lam-7.1.4/share/etc/kill.c:569:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (tmp2 = getenv("LSB_JOBINDEX")) != NULL) { data/lam-7.1.4/share/etc/kill.c:576:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if (getenv("SGE_ROOT") != NULL && data/lam-7.1.4/share/etc/kill.c:577:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (tmp = getenv("JOB_ID")) != NULL) { data/lam-7.1.4/share/etc/kill.c:578:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tmp2 = getenv("SGE_TASK_ID"); data/lam-7.1.4/share/etc/pathsearch.c:321:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. return(getenv(var)); data/lam-7.1.4/share/etc/show_help.c:105:8: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv(temp); data/lam-7.1.4/share/etc/show_help.c:461:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_ALLOW_CASCADE_HELP") == NULL) { data/lam-7.1.4/share/kreq/clientio.c:130:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((p = getenv("TROLLIUSFD"))) { data/lam-7.1.4/share/kreq/clientio.c:144:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. _kio.ki_rtf = (p = getenv("TROLLIUSRTF")) data/lam-7.1.4/share/kreq/clientio.c:149:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((p = getenv("LAMKENYAPID"))) { data/lam-7.1.4/share/kreq/clientio.c:158:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. _kio.ki_world = (p = getenv("LAMWORLD")) ? stoi((unsigned char *) p) : 0; data/lam-7.1.4/share/kreq/clientio.c:160:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. _kio.ki_parent = (p = getenv("LAMPARENT")) data/lam-7.1.4/share/kreq/clientio.c:165:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((p = getenv("LAMJOBID"))) { data/lam-7.1.4/share/kreq/kcreate.c:126:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. rtf = (p = getenv("TROLLIUSRTF")) ? stoi((unsigned char *) p) : 0; data/lam-7.1.4/share/kreq/kcreate.c:182:50: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((rtf&RTF_IO) && !(rtf&RTF_PFDIO) && (p = getenv("TROLLIUSFD"))) { data/lam-7.1.4/share/libltdl/ltdl.c:1362:16: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. module = LoadLibrary (wpath); data/lam-7.1.4/share/libltdl/ltdl.c:1365:14: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. module = LoadLibrary (searchname); data/lam-7.1.4/share/libltdl/ltdl.c:3193:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LTDL_SEARCHPATH_VAR); data/lam-7.1.4/share/libltdl/ltdl.c:3201:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. search_path = getenv (LTDL_SHLIBPATH_VAR); data/lam-7.1.4/share/libltdl/ltdl.c:3386:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. && !find_handle (getenv (LTDL_SEARCHPATH_VAR), base_name, data/lam-7.1.4/share/libltdl/ltdl.c:3389:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. && !find_handle (getenv (LTDL_SHLIBPATH_VAR), base_name, data/lam-7.1.4/share/libltdl/ltdl.c:3775:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv("LTDL_LIBRARY_PATH"), 0, data/lam-7.1.4/share/libltdl/ltdl.c:3782:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LTDL_SHLIBPATH_VAR), 0, data/lam-7.1.4/share/libltdl/ltdl.c:3789:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. is_done = foreach_dirinpath (getenv(LTDL_SYSSEARCHPATH), 0, data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:305:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("MallocErrorSleep")) { data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:313:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. extern char* getenv(); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:318:31: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. # define __secure_getenv(Str) getenv (Str) data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1771:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. s = getenv("MALLOC_CHECK_"); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:418:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((s = getenv("MALLOC_TRIM_THRESHOLD_"))) data/lam-7.1.4/share/memory/ptmalloc2/arena.c:420:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((s = getenv("MALLOC_TOP_PAD_"))) data/lam-7.1.4/share/memory/ptmalloc2/arena.c:422:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((s = getenv("MALLOC_MMAP_THRESHOLD_"))) data/lam-7.1.4/share/memory/ptmalloc2/arena.c:424:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if((s = getenv("MALLOC_MMAP_MAX_"))) data/lam-7.1.4/share/memory/ptmalloc2/arena.c:427:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. s = getenv("MALLOC_CHECK_"); data/lam-7.1.4/share/mpi/f77/init_f.c:41:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. argv[0] = getenv("LAM_MPI_PROCESS_NAME"); data/lam-7.1.4/share/mpi/f77/initthr_f.c:40:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. argv[0] = getenv("LAM_MPI_PROCESS_NAME"); data/lam-7.1.4/share/mpi/init.c:224:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv("LAM_MPI_THREAD_LEVEL")) != NULL) { data/lam-7.1.4/share/mpi/laminit.c:217:6: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_PAUSE")) { data/lam-7.1.4/share/mpi/laminit.c:490:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. *world_n = getenv("LAMWORLDNODES") ? getncomp() : 1; data/lam-7.1.4/share/mpi/laminit.c:534:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv("LAMRANK")) == 0) data/lam-7.1.4/share/mpi/laminited.c:97:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *rank = getenv("LAMRANK"); data/lam-7.1.4/share/mpi/lammpiinit.c:221:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *rank = getenv("LAMRANK"); data/lam-7.1.4/share/mpi/lammpiinit.c:519:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (0 == getenv("LAMRANK")) data/lam-7.1.4/share/mpi/lammpiinit.c:1978:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv("LAMRANK")) != NULL) { data/lam-7.1.4/share/mpi/spawn.c:984:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((appdir = getenv("LAMAPPLDIR"))) { data/lam-7.1.4/share/ssi/base/ssi_module_check.c:53:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. e = getenv(var_name); data/lam-7.1.4/share/ssi/base/ssi_mpi_param.c:136:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((env = getenv(p->lsbp_env_var_name)) != NULL) { data/lam-7.1.4/share/ssi/base/ssi_param.c:372:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (env = getenv(p->lsbp_env_var_name)) != NULL) { data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c:69:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAMRANK")) != NULL) { data/lam-7.1.4/share/ssi/boot/base/ssi_boot_find_boot_schema.c:74:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((fname = getenv("LAMBHOST"))) { data/lam-7.1.4/share/ssi/boot/base/ssi_boot_find_boot_schema.c:75:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((fname = getenv("TROLLIUSBHOST"))) { data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:514:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (NULL != getenv("NODES")) using_bjs = 1; data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh.c:159:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv("LAM_MPI_SSI_boot_rsh_agent"); data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh.c:161:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv("LAMRSH"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:208:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("SLURM_JOBID") == NULL) { data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:222:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. (node_id != 0 && getenv("SLURM_NODEID") != NULL)) { data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:238:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. getenv("SLURM_JOBID")); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:299:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. *nnodes_arg = atoi(getenv("SLURM_NNODES")); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:302:49: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. "bad-value", "SLURM_NNODES", getenv("SLURM_NNODES"), NULL); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:317:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. slurm_node_str = getenv("SLURM_NODELIST"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:370:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tasks_per_node = getenv("SLURM_TASKS_PER_NODE"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:631:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("SLURM_NODEID")) == NULL) { data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:632:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. e = getenv("SLURM_NNODES"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:667:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. begptr = getenv("SLURM_LAUNCH_NODE_IPADDR"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:697:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tasks_per_node = getenv("SLURM_TASKS_PER_NODE"); data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm.c:133:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("PBS_ENVIRONMENT") == NULL) { data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:95:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll")) != NULL && strlen(e) > 0) { data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:104:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll_base_crossover")) != NULL) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:106:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll_base_associative")) != NULL) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:108:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll_base_reduce_crossover")) != NULL) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:111:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll_base_shmem_message_pool_size")) != NULL) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:114:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((e = getenv("LAM_MPI_SSI_coll_base_shmem_num_segments")) != NULL) data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam_open.c:119:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (((env = getenv("LAM_MPI_SSI_cr")) != NULL) data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:602:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. crdir = getenv("HOME"); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:816:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. crdir = getenv("HOME"); data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:587:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. crdir = getenv("HOME"); data/lam-7.1.4/tools/hboot/hboot.c:206:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((path_env = getenv("PATH")) != NULL) { data/lam-7.1.4/tools/laminfo/laminfo.cc:883:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_ssi_boot") != NULL) data/lam-7.1.4/tools/laminfo/laminfo.cc:885:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_ssi_coll") != NULL) data/lam-7.1.4/tools/laminfo/laminfo.cc:887:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_ssi_cr") != NULL) data/lam-7.1.4/tools/laminfo/laminfo.cc:889:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("LAM_MPI_ssi_rpi") != NULL) data/lam-7.1.4/tools/wrappers/wrap.cc:162:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv(env_list[i].c_str()); data/lam-7.1.4/tools/wrappers/wrap_cc.cc:162:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv(env_list[i].c_str()); data/lam-7.1.4/tools/wrappers/wrap_cxx.cc:162:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv(env_list[i].c_str()); data/lam-7.1.4/tools/wrappers/wrap_f77.cc:162:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. env = getenv(env_list[i].c_str()); data/lam-7.1.4/examples/fault/master.c:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/lam-7.1.4/examples/fault/master.c:143:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(filename, "./lam_fault_appschema.%d", (int) getpid()); data/lam-7.1.4/examples/fault/master.c:150:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "w"); data/lam-7.1.4/examples/fault/master.c:312:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("mandel.out", O_CREAT | O_TRUNC | O_WRONLY, 0644); data/lam-7.1.4/examples/fault/master.c:419:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char red[256]; /* trivial color map */ data/lam-7.1.4/examples/fault/master.c:420:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char green[256]; /* trivial color map */ data/lam-7.1.4/examples/fault/master.c:421:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256]; /* trivial color map */ data/lam-7.1.4/examples/mandelbrot/master.c:194:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("mandel.out", O_CREAT | O_TRUNC | O_WRONLY, 0644); data/lam-7.1.4/examples/mandelbrot/master.c:240:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pgrid, pregion, len0); data/lam-7.1.4/examples/mandelbrot/master.c:283:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char red[256]; /* trivial color map */ data/lam-7.1.4/examples/mandelbrot/master.c:284:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char green[256]; /* trivial color map */ data/lam-7.1.4/examples/mandelbrot/master.c:285:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blue[256]; /* trivial color map */ data/lam-7.1.4/examples/pi/cpi.c:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char processor_name[MPI_MAX_PROCESSOR_NAME]; data/lam-7.1.4/otb/bfctl/bfctl.c:93:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/bfstate/bfstate.c:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/doom/doom.c:112:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/fctl/fctl.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pwd[MAXPATHLEN]; data/lam-7.1.4/otb/fctl/fctl.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/filedr/filedr.c:108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/fstate/fstate.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/fstate/fstate.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[24]; /* field buffer */ data/lam-7.1.4/otb/fstate/fstate.c:168:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%d/%d", ftable[i].fs_tfd, ftable[i].fs_count); data/lam-7.1.4/otb/fstate/fstate.c:201:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "local/%d", ftable[i].fs_src_event); data/lam-7.1.4/otb/fstate/fstate.c:204:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "n%d/p%d", ftable[i].fs_src_node, data/lam-7.1.4/otb/ipcdr/ipcdr.c:106:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamclean/lamclean.c:79:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamexec/lamexec.c:84:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmtbuf[512]; /* formatting buffer */ data/lam-7.1.4/otb/lamexec/lamexec.c:85:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char smallbuf[128]; /* small extra buffer */ data/lam-7.1.4/otb/lamexec/lamexec.c:145:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamexec/lamexec.c:285:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-c %d ", nprocs); data/lam-7.1.4/otb/lamexec/lamexec.c:290:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fmtbuf, "-s "); data/lam-7.1.4/otb/lamexec/lamexec.c:312:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (argtailc > 0) strcat(fmtbuf, "-- "); data/lam-7.1.4/otb/lamexec/lamexec.c:467:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/otb/lamexec/lamexec.c:552:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "n%d", initnode); data/lam-7.1.4/otb/lamexec/lamexec.c:567:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-%d,%d", next - 1, node); data/lam-7.1.4/otb/lamexec/lamexec.c:574:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, ",%d", node); data/lam-7.1.4/otb/lamexec/lamexec.c:595:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-%d", next - 1); data/lam-7.1.4/otb/lamgrow/lamgrow.c:88:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamgrow/lamgrow.c:516:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[LAM_PATH_MAX]; data/lam-7.1.4/otb/lamgrow/lamgrow.c:529:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(file, "/tmp/lam-wipe-schema-XXXXXX"); data/lam-7.1.4/otb/lamgrow/lamgrow.c:531:15: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if ((fd = mkstemp(file)) == -1) data/lam-7.1.4/otb/lamhalt/lamhalt.c:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamnodes/lamnodes.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[1024]; data/lam-7.1.4/otb/lamnodes/lamnodes.c:59:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(name, "invalid node"); data/lam-7.1.4/otb/lamnodes/lamnodes.c:133:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamshrink/lamshrink.c:93:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamtrace/lamtrace.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *nodev[3]; /* default node arguments */ data/lam-7.1.4/otb/lamtrace/lamtrace.c:122:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/lamtrace/lamtrace.c:142:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDWR | O_CREAT | O_EXCL, 0644); data/lam-7.1.4/otb/loadgo/loadgo.c:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *tmp_argv[2]; /* scratch argv structure */ data/lam-7.1.4/otb/loadgo/loadgo.c:118:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/loadgo/loadgo.c:336:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:84:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char src_str[32]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:85:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dest_str[32]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:86:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tag_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:87:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dtype_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:88:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cid_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *nodev[3]; /* extra node list */ data/lam-7.1.4/otb/mpimsg/mpimsg.c:141:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/mpimsg/mpimsg.c:380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char content[MAXNMSGLEN]; /* holds content of message */ data/lam-7.1.4/otb/mpimsg/mpitr_data.c:122:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmtbuf[80]; /* formatting buffer */ data/lam-7.1.4/otb/mpimsg/mpitr_data.c:583:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%4d", c); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:612:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &w, *data, sizeof(wchar_t)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:616:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15lX", (long) w); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:643:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:647:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15d", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:674:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(unsigned int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:678:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15u", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:705:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(long int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:709:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15ld", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:736:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(unsigned long)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:740:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15lu", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:767:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(unsigned int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:798:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(short)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:802:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%7d", (int) i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:829:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(unsigned short)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:833:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%7u", (unsigned int) i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:860:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:864:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g", f); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:891:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:895:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%#15g", f); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:922:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(longlong)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:929:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15lld", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:934:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15ld", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:962:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(ulonglong)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:969:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15llu", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:974:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15lu", i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1002:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &d, *data, sizeof(longdouble)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1009:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%#15Lg", d); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1014:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%#15g", d); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1042:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &fr, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1044:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &fi, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1052:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15g", fr, fi); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1079:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f1, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1081:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f2, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1089:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15g", f1, f2); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1137:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i1, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1139:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i2, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1147:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15d %15d", i1, i2); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1174:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f1, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1176:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f2, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1184:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15g", f1, f2); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1211:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f1, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1213:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f2, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1221:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15g", f1, f2); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1249:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f, *data, sizeof(float)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1259:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15d", f, i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1287:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &l, *data, sizeof(long)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1297:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15ld %15d", l, i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1325:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &f, *data, sizeof(double)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1327:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1335:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15d", f, i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1363:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &d, *data, sizeof(longdouble)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1365:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1377:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15Lg %15d", d, i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1379:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%15g %15d", d, i); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1408:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &s, *data, sizeof(short)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1410:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &i, *data, sizeof(int)); data/lam-7.1.4/otb/mpimsg/mpitr_data.c:1418:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "%7d %15d", (int) s, i); data/lam-7.1.4/otb/mpirun/mpirun.c:132:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char smallbuf[128]; /* small extra buffer */ data/lam-7.1.4/otb/mpirun/mpirun.c:317:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/mpirun/mpirun.c:703:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-c %d ", nprocs); data/lam-7.1.4/otb/mpirun/mpirun.c:811:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spid[32], snode[48], sstatus[32]; data/lam-7.1.4/otb/mpirun/mpirun.c:1113:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/otb/mpirun/mpirun.c:1205:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "n%d", initnode); data/lam-7.1.4/otb/mpirun/mpirun.c:1220:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-%d,%d", next - 1, node); data/lam-7.1.4/otb/mpirun/mpirun.c:1227:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, ",%d", node); data/lam-7.1.4/otb/mpirun/mpirun.c:1248:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(smallbuf, "-%d", next - 1); data/lam-7.1.4/otb/mpirun/mpirun.c:1321:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mpiworld, world, world_n * sizeof(struct _gps)); data/lam-7.1.4/otb/mpirun/mpirun.c:1341:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32]; data/lam-7.1.4/otb/mpirun/mpirun.c:1392:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[LAM_MPI_SSI_BASE_MAX_MODULE_NAME_LEN * 2], data/lam-7.1.4/otb/mpirun/mpirun.c:1414:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node[32]; data/lam-7.1.4/otb/mpirun/totalview.c:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[1024]; data/lam-7.1.4/otb/mpirun/totalview.c:346:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(name, "invalid node"); data/lam-7.1.4/otb/mpitask/mpitask.c:78:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char task_str[32]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:79:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char func_str[32]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:80:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char peer_str[32]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:81:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tag_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char dtype_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cid_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:84:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char count_str[16]; /* formatting buffer */ data/lam-7.1.4/otb/mpitask/mpitask.c:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *nodev[3]; /* extra node list */ data/lam-7.1.4/otb/mpitask/mpitask.c:121:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/otb/mpitask/mpitask.c:275:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<stopped>"); data/lam-7.1.4/otb/mpitask/mpitask.c:278:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<paused>"); data/lam-7.1.4/otb/mpitask/mpitask.c:285:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<system>"); data/lam-7.1.4/otb/mpitask/mpitask.c:289:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<system>"); data/lam-7.1.4/otb/mpitask/mpitask.c:331:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<blocked>"); data/lam-7.1.4/otb/mpitask/mpitask.c:335:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<blocked>"); data/lam-7.1.4/otb/mpitask/mpitask.c:338:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<system>"); data/lam-7.1.4/otb/mpitask/mpitask.c:342:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<system>"); data/lam-7.1.4/otb/mpitask/mpitask.c:345:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<blocked>"); data/lam-7.1.4/otb/mpitask/mpitask.c:410:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(count_str, "%d", fyi->fyp_count); data/lam-7.1.4/otb/mpitask/mpitask.c:450:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(count_str, "%d", fyi->fyp_count); data/lam-7.1.4/otb/mpitask/mpitask.c:471:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(count_str, "%d", fyi->fyp_count); data/lam-7.1.4/otb/mpitask/mpitask.c:573:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(func_str, "<blocked>"); data/lam-7.1.4/otb/state/state.c:56:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *kstates[4] = { data/lam-7.1.4/otb/state/state.c:258:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; /* used for formatting purposes */ data/lam-7.1.4/otb/state/state.c:276:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p, "%1.1d,", i); data/lam-7.1.4/otb/state/state.c:291:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "[%d]", state->ps_index); data/lam-7.1.4/otb/state/state.c:304:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "<stopped>"); data/lam-7.1.4/otb/state/state.c:309:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "<paused>"); data/lam-7.1.4/otb/sys/bforward/bforward.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAXNMSGLEN]; data/lam-7.1.4/otb/sys/bufferd/bufferd.c:69:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char msg[MAXNMSGLEN];/* incoming message body */ data/lam-7.1.4/otb/sys/bufferd/bufferd.c:248:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bfhead->nh_msg, temp, bfhead->nh_length); data/lam-7.1.4/otb/sys/bufferd/bufferd.c:252:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &wrap.bfb_head, (char *) bfhead, sizeof(struct nmsg)); data/lam-7.1.4/otb/sys/bufferd/bufferd.c:412:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nhead.nh_msg, msg, pktsize); data/lam-7.1.4/otb/sys/bufferd/bufferd.c:424:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pbfs->bfs_data, (char *) p->nh_data, data/lam-7.1.4/otb/sys/bufferd/bufferd.c:646:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhr.nh_data, (char *) pnh->nh_data, data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char my_hname[MAXHOSTNAMELEN + 1]; data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:66:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ngbr_haddr[4]; /* neighbour host address */ data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:67:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char my_haddr[4]; /* my host address */ data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:131:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *pndil = LAM_max(atoi(argv[i]), *pndil); data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:160:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ngbr_link = atoi(*argv++); data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:171:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). (*pdiinfo)[ngbr_link].dii_num_cpus = atoi(*argv++); data/lam-7.1.4/otb/sys/dli_inet/di_bootcmd.c:181:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). (*pdiinfo)[ngbr_link].dii_node_type = atoi(*argv++); data/lam-7.1.4/otb/sys/dli_inet/dli_inet.c:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) incoming.nh_data, (char *) head->dlh_data, data/lam-7.1.4/otb/sys/dli_inet/dli_inet.c:502:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &dilinks[ilink], pnhq->nh_msg, sizeof(struct dilink)); data/lam-7.1.4/otb/sys/dlo_inet/dlo_inet.c:62:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char packet[MAXNMSGLEN]; /* portion of route table data/lam-7.1.4/otb/sys/dlo_inet/dlo_inet.c:290:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pdlh->dlh_data, (char *) pnh->nh_data, data/lam-7.1.4/otb/sys/dlo_inet/dlo_inet.c:449:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packet, dolinks + (seg * eps), i); data/lam-7.1.4/otb/sys/dlo_inet/dlo_inet.c:474:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pdol, pdos_empty->dos_frame.dlf_msg, data/lam-7.1.4/otb/sys/echod/echod.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char msg[MAXNMSGLEN]; /* echo message */ data/lam-7.1.4/otb/sys/filed/fface.c:61:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, conv_flags(flags) | O_NOCTTY, mode); data/lam-7.1.4/otb/sys/filed/fface.c:125:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_WRONLY, 0); data/lam-7.1.4/otb/sys/filed/fface.c:225:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, dest_size); data/lam-7.1.4/otb/sys/filed/fface.c:227:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, src_size); data/lam-7.1.4/otb/sys/filed/filed.c:139:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuf[MAXNMSGLEN]; data/lam-7.1.4/otb/sys/filed/fqf77.c:423:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fbuf, p, npkt); data/lam-7.1.4/otb/sys/filed/fqopen.c:220:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fbuf, "/dev/null"); data/lam-7.1.4/otb/sys/filed/fqopen.c:238:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fbuf, "/dev/tty"); data/lam-7.1.4/otb/sys/filed/fqopen.c:241:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fbuf, "/dev/null"); data/lam-7.1.4/otb/sys/filed/fqopen.c:264:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fbuf, "/dev/tty"); data/lam-7.1.4/otb/sys/filed/fqopen.c:267:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fbuf, "/dev/null"); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:89:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[FNAMELEN]; /* generated file name */ data/lam-7.1.4/otb/sys/filed/fqopenfd.c:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstdin[LAM_PATH_MAX]; data/lam-7.1.4/otb/sys/filed/fqopenfd.c:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstdout[LAM_PATH_MAX]; data/lam-7.1.4/otb/sys/filed/fqopenfd.c:97:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstderr[LAM_PATH_MAX]; data/lam-7.1.4/otb/sys/filed/fqopenfd.c:184:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "stdin.%d", -fq->fq_src_event); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:191:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "stdout.%d", -fq->fq_src_event); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:198:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "stderr.%d", -fq->fq_src_event); data/lam-7.1.4/otb/sys/filed/fqsimplex.c:199:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data, fbuf, sizeof(struct fqrename)); data/lam-7.1.4/otb/sys/filed/fqwrite.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char fbuf[MAXNMSGLEN]; data/lam-7.1.4/otb/sys/flatd/flatd.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAXNMSGLEN];/* input data buffer for request */ data/lam-7.1.4/otb/sys/flatd/flatd.c:224:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fltable[i].fl_addr, data/lam-7.1.4/otb/sys/flatd/flatd.c:239:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fltable[i].fl_addr, O_WRONLY | O_CREAT, 0700); data/lam-7.1.4/otb/sys/flatd/flatd.c:270:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fltable[i].fl_addr, O_WRONLY | O_APPEND, 0700); data/lam-7.1.4/otb/sys/haltd/haltd.c:52:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char msg[MAXNMSGLEN]; /* halt message */ data/lam-7.1.4/otb/sys/impid/client.c:132:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foo[1024]; data/lam-7.1.4/otb/sys/impid/client.c:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[1024]; data/lam-7.1.4/otb/sys/impid/client.c:360:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "Got unexpected command -- expected IMPI_CMD_IMPI, got 0x%x\n", command.cmd); data/lam-7.1.4/otb/sys/impid/client.c:401:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char temp[1024]; data/lam-7.1.4/otb/sys/impid/client.c:402:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp2[1024]; data/lam-7.1.4/otb/sys/impid/client.c:531:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + 12, &my_ipaddress, 4); data/lam-7.1.4/otb/sys/impid/client.c:593:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + 12 + (i * 16), &my_ipaddress, 4); data/lam-7.1.4/otb/sys/impid/client.c:714:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[1024]; data/lam-7.1.4/otb/sys/impid/client.c:802:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdata[i], buffer, recv_size); data/lam-7.1.4/otb/sys/impid/comm.cc:120:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(comm->c_reserved, &local_id, sizeof(local_id)); data/lam-7.1.4/otb/sys/impid/dance.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char my_hostname[LAM_MAXHOSTNAMELEN]; data/lam-7.1.4/otb/sys/impid/dance.c:82:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[16]; data/lam-7.1.4/otb/sys/impid/dance.c:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[128]; data/lam-7.1.4/otb/sys/impid/dance.c:319:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_addr[128]; data/lam-7.1.4/otb/sys/impid/dance.c:364:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[1024]; data/lam-7.1.4/otb/sys/impid/dance.c:410:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char me_str[128]; data/lam-7.1.4/otb/sys/impid/dance.c:411:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_str[128]; data/lam-7.1.4/otb/sys/impid/dance.c:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char me_str[128]; data/lam-7.1.4/otb/sys/impid/dance.c:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_str[128]; data/lam-7.1.4/otb/sys/impid/dance.c:427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char me_str[128]; data/lam-7.1.4/otb/sys/impid/dance.c:428:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_str[128]; data/lam-7.1.4/otb/sys/impid/endian.c:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/lam-7.1.4/otb/sys/impid/host.cc:330:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, &pk, sizeof(IMPI_Packet)); data/lam-7.1.4/otb/sys/impid/impid.c:257:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). my_client_rank = atoi(argv[1]); data/lam-7.1.4/otb/sys/impid/impid.c:264:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). server_port = atoi(p + 1); data/lam-7.1.4/otb/sys/impid/lamnodes.c:246:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lam_impi_hosts[host].ih_ipv6[0], data/lam-7.1.4/otb/sys/impid/lamnodes.c:290:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lam_impi_procs[proc].ip_ipv6[0], data/lam-7.1.4/otb/sys/impid/local_req.cc:180:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. host_enque_packet(pk, (char *) 0, data/lam-7.1.4/otb/sys/impid/router.cc:85:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(toverride); data/lam-7.1.4/otb/sys/iod/iod.c:101:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char iobuf[MAXNMSGLEN]; /* IO buffer */ data/lam-7.1.4/otb/sys/iod/iod.ext.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &readfds, (char *) &allfds, sizeof(fd_set)); data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:74:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fdbuf[32]; /* TROLLIUSFD env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:75:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rtfbuf[32]; /* TROLLIUSRTF env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:76:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char jobbuf[32]; /* LAMJOB env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:77:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pidbuf[32]; /* LAMKENYAPID env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:78:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char parentbuf[32]; /* LAMPARENT env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:79:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char worldbuf[32]; /* LAMWORLD env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:80:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rankbuf[32]; /* LAMRANK env space */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:372:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). avfd = open(argvname, O_RDONLY, 0); data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:459:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:515:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/otb/sys/kernel/kernelio.c:112:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fwdbuf[KPKTLEN]; /* forwarding buffer */ data/lam-7.1.4/otb/sys/kernel/kernelio.c:211:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) kernel_un.sun_path, addr_file, strlen(addr_file) + 1); data/lam-7.1.4/otb/sys/kernel/kernelio.c:231:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[4096]; data/lam-7.1.4/otb/sys/kernel/kernelio.c:306:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &readfds, (char *) &allfds, sizeof(fd_set)); data/lam-7.1.4/otb/sys/kernel/kernelio.c:308:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &exceptfds, (char *) &readfds, sizeof(fd_set)); data/lam-7.1.4/otb/sys/kernel/kernelio.c:329:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &readfds, (char *) &allfds, sizeof(fd_set)); data/lam-7.1.4/otb/sys/kernel/kernelio.c:331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &exceptfds, (char *) &readfds, sizeof(fd_set)); data/lam-7.1.4/otb/sys/kernel/kinner.c:119:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &pclient->kp_msg, (char *) &pkq->kq_msg, data/lam-7.1.4/otb/sys/kernel/kinner.c:169:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &p->kp_msg, (char *) &p->kp_msg2, data/lam-7.1.4/otb/sys/kernel/kinner.c:181:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &pclient->kp_msg, data/lam-7.1.4/otb/sys/kernel/kinner.c:184:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pclient->kp_fyi, (char *) pkq->kq_fyi, data/lam-7.1.4/otb/sys/kernel/kinner.c:211:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pclient->kp_fyi, (char *) pkq->kq_fyi, data/lam-7.1.4/otb/sys/kernel/kinner.c:216:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &pclient->kp_msg2, data/lam-7.1.4/otb/sys/kernel/kinner.c:420:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &prun->kp_msg, (char *) pkmsg, sizeof(struct kmsg)); data/lam-7.1.4/otb/sys/kernel/kinner.c:475:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pkr->kr_fyi, (char *) pstate->kp_fyi, data/lam-7.1.4/otb/sys/kernel/kkill.c:102:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_kill = open(f_kill, O_WRONLY | O_CREAT | O_EXCL, 0600); data/lam-7.1.4/otb/sys/kernel/kouter.c:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *states[3] = {"R ", "BS", "BR"}; data/lam-7.1.4/otb/sys/kernel/kouter.c:158:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &request, data/lam-7.1.4/otb/sys/kernel/kouter.c:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/lam-7.1.4/otb/sys/kernel/kouter.c:460:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pto->kp_msg.k_msg, pfrom->kp_msg.k_msg, data/lam-7.1.4/otb/sys/kernel/kouter.c:469:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptomsg, pfrmsg, reply.kr_length); data/lam-7.1.4/otb/sys/lamd/couter.c:86:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, preq->kq_msg.k_msg, sizeof(struct nmsg)); data/lam-7.1.4/otb/sys/lamd/couter.c:99:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, *ppmsg, preq->kq_msg.k_length); data/lam-7.1.4/otb/sys/lamd/rreq.c:190:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pnodes, rrhead->nh_msg, data/lam-7.1.4/otb/sys/loadd/loadd.c:57:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fname[FNAMELEN];/* name of file to load */ data/lam-7.1.4/otb/sys/loadd/loadd.c:150:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fdesc = open(fullname, O_RDONLY, 0600)) < 0) { data/lam-7.1.4/otb/sys/traced/traced.c:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trqmsg[MAXNMSGLEN]; data/lam-7.1.4/otb/sys/traced/traced.c:165:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead.nh_data, (char *) ptrr, data/lam-7.1.4/otb/sys/traced/trbuf.c:159:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newb.trb_buffer, trqmsg, ptrq->trq_length); data/lam-7.1.4/otb/sys/traced/trbuf.c:363:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newb.trb_buffer, trqmsg, ptrq->trq_length); data/lam-7.1.4/otb/sys/versiond/versiond.c:38:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char msg[MAXNMSGLEN]; data/lam-7.1.4/otb/sys/versiond/versiond.c:57:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, LAM_VERSION, str_len); data/lam-7.1.4/otb/tping/tping.c:153:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_open.c:38:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp_buf, readbuf+readbuf_len-partial_read, partial_read); \ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:83:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readbuf, tmp_buf, partial_read); \ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:94:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)buf + userbuf_off, readbuf+req_off-readbuf_off, req_len); \ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:143:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_bufsize = atoi(value); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:81:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf+req_off-writebuf_off, (char *)buf +userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:99:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, (char *)buf + userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:118:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf+req_off-writebuf_off, (char *)buf +userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:130:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, (char *)buf + userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:181:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_bufsize = atoi(value); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs.h:24:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define _gopen(n,m,i,p) open(n,m,p) data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:31:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_factor=atoi(value); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:43:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_unit=atoi(value); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:55:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start_iodev=atoi(value); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:87:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:50:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:74:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", attr.s_sunitsize); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:77:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", attr.s_sfactor); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:80:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", attr.s_start_sdir); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:32:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_factor=atoi(value); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:44:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_unit=atoi(value); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:56:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start_iodev=atoi(value); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:45:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:60:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", piofs_fstat.st_bsu); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:63:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", piofs_fstat.st_cells); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:66:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", piofs_fstat.st_base_node); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_hints.c:33:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_factor=atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_hints.c:46:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). str_unit=atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_hints.c:59:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start_iodev=atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:44:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) > 0)) pstat.pcount = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:44:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) > 0)) pstat.pcount = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:48:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) > 0)) pstat.ssize = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:48:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) > 0)) pstat.ssize = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:52:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) >= 0)) pstat.base = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:52:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && (atoi(value) >= 0)) pstat.base = atoi(value); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:61:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", pstat.pcount); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:63:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", pstat.ssize); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:65:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", pstat.base); data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_open.c:37:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_open.c:37:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_open.c:42:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_sys = open(fd->filename, amode, perm); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_open.c:44:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd->fd_direct = open(fd->filename, amode_direct, perm); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_read.c:62:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (err > 0) memcpy(buf, newbuf, err); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_read.c:77:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (err > 0) memcpy(buf, newbuf, err); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_write.c:61:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newbuf, buf, size); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_write.c:76:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(newbuf, buf, len); data/lam-7.1.4/romio/adio/common/ad_hints.c:41:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fd->hints->cb_buffer_size = atoi(ADIOI_CB_BUFFER_SIZE_DFLT); data/lam-7.1.4/romio/adio/common/ad_hints.c:55:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", nprocs); data/lam-7.1.4/romio/adio/common/ad_hints.c:65:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fd->hints->ind_rd_buffer_size = atoi(ADIOI_IND_RD_BUFFER_SIZE_DFLT); data/lam-7.1.4/romio/adio/common/ad_hints.c:69:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fd->hints->ind_wr_buffer_size = atoi(ADIOI_IND_WR_BUFFER_SIZE_DFLT); data/lam-7.1.4/romio/adio/common/ad_hints.c:86:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && ((intval=atoi(value)) > 0)) { data/lam-7.1.4/romio/adio/common/ad_hints.c:215:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && ((intval=atoi(value)) > 0)) { data/lam-7.1.4/romio/adio/common/ad_hints.c:232:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && ((intval = atoi(value)) > 0)) { data/lam-7.1.4/romio/adio/common/ad_hints.c:239:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (flag && ((intval = atoi(value)) > 0)) { data/lam-7.1.4/romio/adio/common/ad_open.c:100:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fd->hints->ranklist, tmp_ranklist, sizeof(int) * rank_ct); data/lam-7.1.4/romio/adio/common/ad_open.c:106:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", rank_ct); data/lam-7.1.4/romio/adio/common/ad_read_coll.c:704:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp_buf, read_buf+real_size-for_next_iter, for_next_iter); data/lam-7.1.4/romio/adio/common/ad_read_coll.c:707:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(read_buf, tmp_buf, for_next_iter); data/lam-7.1.4/romio/adio/common/ad_read_coll.c:794:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *) ADIOI_Malloc(recv_size[i]); data/lam-7.1.4/romio/adio/common/ad_read_coll.c:894:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(((char *) buf) + user_buf_idx, \ data/lam-7.1.4/romio/adio/common/ad_read_str.c:24:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp_buf, readbuf+readbuf_len-partial_read, partial_read); \ data/lam-7.1.4/romio/adio/common/ad_read_str.c:27:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(readbuf, tmp_buf, partial_read); \ data/lam-7.1.4/romio/adio/common/ad_read_str.c:37:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *)buf + userbuf_off, readbuf+req_off-readbuf_off, req_len); \ data/lam-7.1.4/romio/adio/common/ad_read_str.c:101:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_bufsize = atoi(value); data/lam-7.1.4/romio/adio/common/ad_write_coll.c:273:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). coll_bufsize = atoi(value); data/lam-7.1.4/romio/adio/common/ad_write_coll.c:645:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. send_buf[i] = (char *) ADIOI_Malloc(send_size[i]); data/lam-7.1.4/romio/adio/common/ad_write_coll.c:707:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(send_buf[p][send_buf_idx[p]]), \ data/lam-7.1.4/romio/adio/common/ad_write_str.c:32:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf+req_off-writebuf_off, (char *)buf +userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/common/ad_write_str.c:50:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, (char *)buf + userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/common/ad_write_str.c:67:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf+req_off-writebuf_off, (char *)buf +userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/common/ad_write_str.c:77:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writebuf, (char *)buf + userbuf_off, write_sz);\ data/lam-7.1.4/romio/adio/common/ad_write_str.c:127:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_bufsize = atoi(value); data/lam-7.1.4/romio/adio/common/cb_config_list.c:90:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", fd->hints->cb_nodes); data/lam-7.1.4/romio/adio/common/cb_config_list.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_procname[MPI_MAX_PROCESSOR_NAME], **procname = 0; data/lam-7.1.4/romio/adio/common/error.c:14:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MPI_MAX_ERROR_STRING]; data/lam-7.1.4/romio/adio/common/shfp_fname.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *slash, *ptr, tmp[128]; data/lam-7.1.4/romio/adio/common/shfp_fname.c:58:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, ".shfp.%d", i); data/lam-7.1.4/romio/mpi-io/get_view.c:75:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(datarep, "native"); data/lam-7.1.4/romio/test/error.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MPI_MAX_ERROR_STRING]; data/lam-7.1.4/romio/test/file_info.c:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *filename, key[MPI_MAX_INFO_KEY], value[MPI_MAX_INFO_VAL]; data/lam-7.1.4/romio/test/file_info.c:67:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). default_striping_factor = atoi(value); data/lam-7.1.4/romio/test/file_info.c:71:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 4194304) { data/lam-7.1.4/romio/test/file_info.c:74:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 4194304); data/lam-7.1.4/romio/test/file_info.c:94:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 1) { data/lam-7.1.4/romio/test/file_info.c:96:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (verbose) fprintf(stderr, "cb_nodes is %d; should be %d\n", atoi(value), data/lam-7.1.4/romio/test/file_info.c:109:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 4194304) { data/lam-7.1.4/romio/test/file_info.c:112:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 4194304); data/lam-7.1.4/romio/test/file_info.c:116:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 524288) { data/lam-7.1.4/romio/test/file_info.c:119:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 524288); data/lam-7.1.4/romio/test/file_info.c:168:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", nprocs/2 ? 0 : 1); data/lam-7.1.4/romio/test/file_info.c:187:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", default_striping_factor-1); data/lam-7.1.4/romio/test/file_info.c:191:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", default_striping_factor); data/lam-7.1.4/romio/test/file_info.c:204:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(value, "%d", default_striping_factor-2); data/lam-7.1.4/romio/test/file_info.c:228:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((default_striping_factor - 1 > 0) && (atoi(value) != default_striping_factor-1)) { data/lam-7.1.4/romio/test/file_info.c:231:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), default_striping_factor-1); data/lam-7.1.4/romio/test/file_info.c:233:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (atoi(value) != default_striping_factor) { data/lam-7.1.4/romio/test/file_info.c:236:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), default_striping_factor); data/lam-7.1.4/romio/test/file_info.c:240:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 8388608) { data/lam-7.1.4/romio/test/file_info.c:243:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 8388608); data/lam-7.1.4/romio/test/file_info.c:261:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != nprocs/2 ? 0 : 1) { data/lam-7.1.4/romio/test/file_info.c:263:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (verbose) fprintf(stderr, "cb_nodes is %d; should be %d\n", atoi(value), data/lam-7.1.4/romio/test/file_info.c:275:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 2097152) { data/lam-7.1.4/romio/test/file_info.c:278:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 2097152); data/lam-7.1.4/romio/test/file_info.c:282:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(value) != 1048576) { data/lam-7.1.4/romio/test/file_info.c:285:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(value), 1048576); data/lam-7.1.4/romio/test/large_array.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; data/lam-7.1.4/romio/test/noncontig_coll2.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MPI_MAX_ERROR_STRING]; data/lam-7.1.4/romio/test/noncontig_coll2.c:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char my_procname[MPI_MAX_PROCESSOR_NAME], **procname = 0; data/lam-7.1.4/share/args/all_argv.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[ARGSIZE]; /* single argument */ data/lam-7.1.4/share/args/all_argv.c:356:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[ARGSIZE]; /* single argument */ data/lam-7.1.4/share/args/all_opt.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt1[2]; data/lam-7.1.4/share/args/all_opt.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char optstr[2]; /* 1-let opt. string */ data/lam-7.1.4/share/args/do_args.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/do_args.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/do_args.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char first[2]; data/lam-7.1.4/share/args/do_args.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/do_args.c:130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[3]; data/lam-7.1.4/share/args/do_args.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/do_args.c:178:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/do_args.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char opt[2]; data/lam-7.1.4/share/args/ndi_parse.c:189:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fmt_str, "local"); data/lam-7.1.4/share/args/ndi_parse.c:199:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt_str, "n%d", node); data/lam-7.1.4/share/args/parse_id.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmt_str[16]; /* more than 16 long ain't mnemonic! */ data/lam-7.1.4/share/args/parse_id.c:326:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fmt_str, "local"); data/lam-7.1.4/share/args/parse_id.c:336:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt_str, "n%d (o)", node); data/lam-7.1.4/share/args/parse_id.c:338:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt_str, "n%d", node); data/lam-7.1.4/share/args/parse_id.c:477:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &newid, (char *) p, sizeof(newid)); data/lam-7.1.4/share/boot/asc_parse.c:78:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(appfile, O_RDONLY, 0); data/lam-7.1.4/share/boot/asc_parse.c:250:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdline, "x "); data/lam-7.1.4/share/boot/asc_parse.c:251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmdline + 2, buf, lsize); data/lam-7.1.4/share/boot/asc_schedule.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char * nodev[3]; /* default node spec */ data/lam-7.1.4/share/boot/bhostparse.c:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[LAM_MAX_PARSE_LINE]; data/lam-7.1.4/share/boot/bhostparse.c:95:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/lam-7.1.4/share/boot/bhostparse.c:204:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ncpus = atoi(keyval->value); data/lam-7.1.4/share/boot/bhostparse.c:420:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lineno_str[20]; /* string for lineno */ data/lam-7.1.4/share/boot/hbootparse.c:95:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). conf_fp = fopen(conffile, "r"); data/lam-7.1.4/share/boot/lamnet.c:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16]; data/lam-7.1.4/share/boot/proc_schema.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[PSC_MAXLINE]; data/lam-7.1.4/share/etc/T.c:293:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead.nh_data, (char *) ndata, data/lam-7.1.4/share/etc/T.c:321:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) ndata, (char *) nhead.nh_data, data/lam-7.1.4/share/etc/T.c:367:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead.nh_data, (char *) ndata, data/lam-7.1.4/share/etc/T.c:395:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) ndata, (char *) nhead.nh_data, data/lam-7.1.4/share/etc/T.c:451:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead.nh_data, (char *) pdata, data/lam-7.1.4/share/etc/T.c:511:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pdata, (char *) nhead.nh_data, data/lam-7.1.4/share/etc/all_array.c:89:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(la->la_array + (la->la_num_used * la->la_element_size), data/lam-7.1.4/share/etc/all_array.c:131:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(la->la_array + ((i + 1) * la->la_element_size), data/lam-7.1.4/share/etc/all_array.c:138:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(la->la_array + (before * la->la_element_size), element, data/lam-7.1.4/share/etc/all_array.c:196:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(la->la_array + (index * la->la_element_size), data/lam-7.1.4/share/etc/all_hash.c:187:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) p, (char *) elem, ahd->ah_elemsize); data/lam-7.1.4/share/etc/all_hash.c:377:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) p_min, (char *) elem, ahd->ah_elemsize); data/lam-7.1.4/share/etc/all_hash.c:534:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) ahd, (char *) new_ahd, sizeof(HASH)); data/lam-7.1.4/share/etc/all_list.c:158:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_char, (char *) unew, ald->al_elemsize); data/lam-7.1.4/share/etc/all_list.c:216:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_char, unew, ald->al_elemsize); data/lam-7.1.4/share/etc/all_queue.c:132:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, (char *) elem, aqd->aq_elemsize); data/lam-7.1.4/share/etc/all_queue.c:271:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) new_q, ((char *) aqd->aq_queue) + data/lam-7.1.4/share/etc/all_queue.c:281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) new_q, ((char *) aqd->aq_queue) + data/lam-7.1.4/share/etc/all_queue.c:283:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) new_q + size, (char *) aqd->aq_queue, data/lam-7.1.4/share/etc/all_slist.c:176:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_char, (char *) unew, ald->al_elemsize); data/lam-7.1.4/share/etc/all_slist.c:234:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_char, (char *) unew, ald->al_elemsize); data/lam-7.1.4/share/etc/blktype.c:375:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. p = (char *) blkdesc[type - BLKLOW]; data/lam-7.1.4/share/etc/bootsockio.c:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXHOSTNAMELEN + 1]; data/lam-7.1.4/share/etc/combine.c:501:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf1 + nfull, buf2, nbytes); data/lam-7.1.4/share/etc/getinetaddr.c:55:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) hostaddr, p->h_addr, 4); data/lam-7.1.4/share/etc/kill.c:52:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lam_tmpdir[MAXPATHLEN]; data/lam-7.1.4/share/etc/kill.c:54:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lam_tmpdir_suffix[MAXPATHLEN]; data/lam-7.1.4/share/etc/kill.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lam_tmpdir_prefix[MAXPATHLEN]; data/lam-7.1.4/share/etc/kill.c:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[MAXHOSTNAMELEN + 1]; data/lam-7.1.4/share/etc/lam_gethostby.c:42:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char h_byname_name[MAXHOSTNAMELEN + 1]; data/lam-7.1.4/share/etc/lam_gethostby.c:43:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char h_byaddr_name[MAXHOSTNAMELEN + 1]; data/lam-7.1.4/share/etc/lam_gethostby.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *h_byname_list[2]; data/lam-7.1.4/share/etc/lam_gethostby.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *h_byaddr_list[2]; data/lam-7.1.4/share/etc/lam_gethostby.c:48:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char h_byname_addr[4]; data/lam-7.1.4/share/etc/lam_gethostby.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char h_byaddr_addr[4]; data/lam-7.1.4/share/etc/lam_gethostby.c:77:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&s.sin_addr, name_resolver->h_addr_list[0], 4); data/lam-7.1.4/share/etc/lam_gethostby.c:109:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h_byname_addr, &s.sin_addr, 4); data/lam-7.1.4/share/etc/lam_gethostby.c:137:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&s.sin_addr, addr, 4); data/lam-7.1.4/share/etc/lam_gethostby.c:155:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%d", node); data/lam-7.1.4/share/etc/lam_gethostby.c:172:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h_byaddr_addr, &s.sin_addr, 4); data/lam-7.1.4/share/etc/lam_gethostname.c:55:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%d", currnode); data/lam-7.1.4/share/etc/lamdebug.c:158:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(filename, "/lam-"); data/lam-7.1.4/share/etc/lamdebug.c:164:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(filename, "debug.txt"); data/lam-7.1.4/share/etc/lamdebug.c:172:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). info[i].ldi_fd = open(filename, flags, 0644); data/lam-7.1.4/share/etc/mpiformout.c:55:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static CONST char *dtfull[TRDTMAX + 1] = { data/lam-7.1.4/share/etc/mpiformout.c:77:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static CONST char *dtshort[TRDTMAX + 1] = { data/lam-7.1.4/share/etc/mpiformout.c:118:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "ANY"); data/lam-7.1.4/share/etc/mpiformout.c:121:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (lrank == -1) sprintf(str, "n%d,i%d", node, index); data/lam-7.1.4/share/etc/mpiformout.c:122:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. else sprintf(str, "n%d,i%d/%d", node, index, lrank); data/lam-7.1.4/share/etc/mpiformout.c:125:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (lrank == -1) sprintf(str, "%d", grank); data/lam-7.1.4/share/etc/mpiformout.c:126:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. else sprintf(str, "%d/%d", grank, lrank); data/lam-7.1.4/share/etc/mpiformout.c:151:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "WORLD"); data/lam-7.1.4/share/etc/mpiformout.c:154:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "SELF"); data/lam-7.1.4/share/etc/mpiformout.c:157:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "<%d>", cid); data/lam-7.1.4/share/etc/mpiformout.c:178:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "ANY"); data/lam-7.1.4/share/etc/mpiformout.c:180:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", tag); data/lam-7.1.4/share/etc/mpiformout.c:208:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "<%d>", dtype); data/lam-7.1.4/share/etc/mpitr_com.c:92:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*ptrcom, (char *) ptrc, len); data/lam-7.1.4/share/etc/mpitr_dtprint.c:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fmtbuf[80]; /* formatting buffer */ data/lam-7.1.4/share/etc/mpitr_dtprint.c:66:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *dtbasic[TRDTMAX + 1] = { data/lam-7.1.4/share/etc/mpitr_dtprint.c:337:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, " (%d, %d)", (*dtrace)->trd_length, data/lam-7.1.4/share/etc/mpitr_dtprint.c:382:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmtbuf, "(%d, %d)", data/lam-7.1.4/share/etc/mpitr_dtype.c:133:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*ptrdtype, (char *) ptrdt, ptrdt->trd_length); data/lam-7.1.4/share/etc/nodespin.c:47:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/lam-7.1.4/share/etc/pty.c:64:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/lam-7.1.4/share/etc/pty.c:101:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pts_name, "/dev/ptmx"); data/lam-7.1.4/share/etc/pty.c:102:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fdm = open(pts_name, O_RDWR)) < 0) { data/lam-7.1.4/share/etc/pty.c:134:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fds = open(pts_name, O_RDWR)) < 0) { data/lam-7.1.4/share/etc/pty.c:168:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pts_name, "/dev/ptyXY"); data/lam-7.1.4/share/etc/pty.c:174:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fdm = open(pts_name, O_RDWR)) < 0) { data/lam-7.1.4/share/etc/pty.c:205:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fds = open(pts_name, O_RDWR)) < 0) { data/lam-7.1.4/share/etc/registry.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[FORMBUFLEN]; /* formatting buffer */ data/lam-7.1.4/share/etc/registry.c:143:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(reg_fname, O_WRONLY | O_APPEND | O_CREAT, 0600); data/lam-7.1.4/share/etc/registry.c:190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[MAXPATHLEN]; /* object name */ data/lam-7.1.4/share/etc/registry.c:200:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(reg_fname, "r")) == 0) { data/lam-7.1.4/share/etc/registry.c:218:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((tmpf = fopen(reg_tmpname, "w")) == 0) { data/lam-7.1.4/share/etc/registry.c:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[MAXPATHLEN]; /* object name */ data/lam-7.1.4/share/etc/registry.c:266:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(reg_fname, "r")) == 0) { data/lam-7.1.4/share/etc/registry.c:278:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sysvid = atoi(obj); data/lam-7.1.4/share/etc/registry.c:284:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sysvid = atoi(obj); data/lam-7.1.4/share/etc/registry.c:322:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "/lam-registry"); data/lam-7.1.4/share/etc/registry.c:341:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "/lam-registry-tmp"); data/lam-7.1.4/share/etc/registry.c:361:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "/lam-registry-lock"); data/lam-7.1.4/share/etc/registry.c:377:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[256]; /* error message */ data/lam-7.1.4/share/etc/registry.c:413:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[128]; /* error message */ data/lam-7.1.4/share/etc/registry.c:481:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(reg_mylockname, O_RDWR | O_CREAT | O_EXCL, 0600); data/lam-7.1.4/share/etc/registry.c:520:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockfd = open(reg_lockname, O_RDWR | O_CREAT | O_EXCL, 0600); data/lam-7.1.4/share/etc/registry.c:539:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockfd = open(reg_mylockname, O_RDWR | O_CREAT, 0600); data/lam-7.1.4/share/etc/registry.c:542:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lockfd = open(reg_mylockname, O_RDWR, 0600); data/lam-7.1.4/share/etc/show_help.c:59:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *help_list[NUMHELPFILES]; data/lam-7.1.4/share/etc/show_help.c:83:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[LAM_PATH_MAX + 1]; data/lam-7.1.4/share/etc/show_help.c:85:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *env, temp[LAM_PATH_MAX + 1]; data/lam-7.1.4/share/etc/show_help.c:123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[LAM_PATH_MAX + 1]; data/lam-7.1.4/share/etc/show_help.c:126:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(buffer, "r"); data/lam-7.1.4/share/etc/show_help.c:202:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFSIZ]; data/lam-7.1.4/share/etc/show_help.c:361:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi(line + i + 1); data/lam-7.1.4/share/etc/snprintf.c:75:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *t,d[10]; data/lam-7.1.4/share/etc/socket.c:150:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &srvaddr.sin_addr, (char *) hostaddr, 4); data/lam-7.1.4/share/etc/socket.c:198:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(addr, "/tmp/sfh-sXXXXXX"); data/lam-7.1.4/share/etc/socket.c:199:7: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if (mkstemp(addr) == 0) { data/lam-7.1.4/share/etc/socket.c:568:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &(addr->sin_addr), (char *) hostaddr, 4); data/lam-7.1.4/share/etc/srfd.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/srfd.c:133:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fdbuf[CMSG_SPACE(sizeof(fd))]; data/lam-7.1.4/share/etc/srfd.c:134:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char commbuf[1]; data/lam-7.1.4/share/etc/srfd.c:159:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdptr, &fd, sizeof(int)); data/lam-7.1.4/share/etc/srfd.c:202:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/srfd.c:275:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/srfd.c:344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/srfd.c:400:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fdbuf[CMSG_SPACE(sizeof(int))]; data/lam-7.1.4/share/etc/srfd.c:401:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char commbuf[1]; data/lam-7.1.4/share/etc/srfd.c:460:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/srfd.c:527:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1]; data/lam-7.1.4/share/etc/terror.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char anum[16]; /* ascii error code */ data/lam-7.1.4/share/etc/terror.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char emsgbuf[LAM_EMSGBUFLEN]; data/lam-7.1.4/share/etc/terror.c:210:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(emsgbuf, ": "); data/lam-7.1.4/share/etc/vsnprintf.c:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (&arglist2, &arglist, sizeof(va_list)); data/lam-7.1.4/share/freq/lfopenfd.c:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstdin[LAM_PATH_MAX]; data/lam-7.1.4/share/freq/lfopenfd.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstdout[LAM_PATH_MAX]; data/lam-7.1.4/share/freq/lfopenfd.c:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fstderr[LAM_PATH_MAX]; data/lam-7.1.4/share/freq/lfopenfd.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAXNMSGLEN]; data/lam-7.1.4/share/freq/rfpathfind.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAXNMSGLEN]; data/lam-7.1.4/share/freq/rfstat.c:125:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, dest_size); data/lam-7.1.4/share/freq/rfstat.c:127:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, src_size); data/lam-7.1.4/share/freq/rfstate.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hole[MAXNMSGLEN]; data/lam-7.1.4/share/freq/rfstate.c:115:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) ftbl, hole, data/lam-7.1.4/share/impi/iinit.c:84:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *rank_string, *server_string, *spawn_argv[30], *cmd = 0; data/lam-7.1.4/share/impi/iinit.c:266:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(orig_procs, *worlds, sizeof(struct _gps) * orig_procs_n); data/lam-7.1.4/share/impi/iinit.c:357:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gpss + start_rank, lam_gpss, sizeof(struct _gps) * lam_gpss_n); data/lam-7.1.4/share/include/boot.h:46:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void bhostparseline(char linebuf[LAM_MAX_PARSE_LINE], int lineno, data/lam-7.1.4/share/include/dl_inet.h:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dlf_msg[MAXNMSGLEN]; data/lam-7.1.4/share/include/freq.h:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fs_name[24]; /* file name */ data/lam-7.1.4/share/include/freq.h:175:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source[MAXPATHLEN]; data/lam-7.1.4/share/include/freq.h:176:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[MAXPATHLEN]; data/lam-7.1.4/share/include/impi.h:146:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ih_ipv6[16]; data/lam-7.1.4/share/include/kio.h:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ki_arg[TNEXIT]; data/lam-7.1.4/share/include/lam-ssi-boot.h:177:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char agent_haddr[4], data/lam-7.1.4/share/include/lam-ssi.h:77:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ssi_kind_name[LAM_MPI_SSI_BASE_MAX_KIND_NAME_LEN]; data/lam-7.1.4/share/include/lam-ssi.h:84:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ssi_module_name[LAM_MPI_SSI_BASE_MAX_MODULE_NAME_LEN]; data/lam-7.1.4/share/include/mpi_apps.h:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char masi_name[LAM_MPI_SSI_BASE_MAX_MODULE_NAME_LEN]; data/lam-7.1.4/share/include/mpisys.h:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dt_name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/include/mpisys.h:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c_name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/include/mpisys.h:309:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ie_key[MPI_MAX_INFO_KEY + 1]; data/lam-7.1.4/share/include/mpisys.h:318:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prt_name[LAM_PORTLEN + 1]; data/lam-7.1.4/share/include/mpisys.h:458:31: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define lam_memcpy(a, b, c) memcpy((a), (b), (c)) data/lam-7.1.4/share/include/mpitrace.h:158:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tri_name[TRDPROGMAX]; /* application name */ data/lam-7.1.4/share/include/mpitrace.h:182:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trb_name[32]; data/lam-7.1.4/share/include/mpitrace.h:193:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char trcomm_name[128]; data/lam-7.1.4/share/include/net.h:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nf_msg[MAXNMSGLEN]; data/lam-7.1.4/share/include/portable.h:98:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atoi4 atoi data/lam-7.1.4/share/include/portable.h:116:17: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atoi4 atol data/lam-7.1.4/share/include/preq.h:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pq_name[PSMAXNAME]; /* program name */ data/lam-7.1.4/share/include/preq.h:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pq_wrkdir[LAM_PATH_MAX];/* program working dir */ data/lam-7.1.4/share/include/preq.h:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ps_name[PSMAXNAME]; data/lam-7.1.4/share/include/preq.h:145:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ps_loadpt[PSMAXNAME]; data/lam-7.1.4/share/include/preq.h:154:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pe_wrkdir[LAM_PATH_MAX]; data/lam-7.1.4/share/kreq/couter.c:108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pkq->kq_fyi, (char *) _kio.ki_fyi, data/lam-7.1.4/share/kreq/couter.c:151:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pkq->kq_fyi, (char *) _kio.ki_fyi, data/lam-7.1.4/share/kreq/couter.c:222:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pkq->kq_fyi, (char *) _kio.ki_fyi, data/lam-7.1.4/share/kreq/couter.c:305:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pkq->kq_fyi, (char *) _kio.ki_fyi, data/lam-7.1.4/share/kreq/kstate.c:74:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pstate->ks_fyi, (char *) reply.kr_fyi, data/lam-7.1.4/share/libltdl/ltdl.c:164:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[2048]; data/lam-7.1.4/share/libltdl/ltdl.c:376:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(dest, src, size) bcopy (src, dest, size) data/lam-7.1.4/share/libltdl/ltdl.c:376:37: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(dest, src, size) bcopy (src, dest, size) data/lam-7.1.4/share/libltdl/ltdl.c:378:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy rpl_memcpy data/lam-7.1.4/share/libltdl/ltdl.c:380:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. static lt_ptr memcpy LT_PARAMS((lt_ptr dest, const lt_ptr src, size_t size)); data/lam-7.1.4/share/libltdl/ltdl.c:383:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dest, src, size) data/lam-7.1.4/share/libltdl/ltdl.c:456:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_specification[LT_FILENAME_MAX]; data/lam-7.1.4/share/libltdl/ltdl.c:472:14: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. (void) strcat(file_specification,"\\*.*"); data/lam-7.1.4/share/libltdl/ltdl.c:554:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (mem, ptr, size); data/lam-7.1.4/share/libltdl/ltdl.c:597:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (argz + *pargz_len, buf, buf_len); data/lam-7.1.4/share/libltdl/ltdl.c:716:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (before, entry, entry_len); data/lam-7.1.4/share/libltdl/ltdl.c:1321:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char self_name_buf[MAX_PATH]; data/lam-7.1.4/share/libltdl/ltdl.c:1360:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wpath[MAX_PATH]; data/lam-7.1.4/share/libltdl/ltdl.c:1896:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char saveError[256] = "Symbol not found"; data/lam-7.1.4/share/libltdl/ltdl.c:2759:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((*pfile = fopen (filename, LT_READTEXT_MODE))) data/lam-7.1.4/share/libltdl/ltdl.c:3215:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen (filename, LT_READTEXT_MODE); data/lam-7.1.4/share/libltdl/ltdl.c:3872:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lsym[LT_SYMBOL_LENGTH]; data/lam-7.1.4/share/libltdl/ltdl.c:3924:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(sym, "_LTX_"); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:843:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_regions, szone->tiny_regions, INITIAL_NUM_TINY_REGIONS * sizeof(tiny_region_t)); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:1595:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_regions, szone->small_regions, INITIAL_NUM_SMALL_REGIONS * sizeof(small_region_t)); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:2285:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_huge_entries, old_huge_entries, num_huge_entries * sizeof(huge_entry_t)); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:2701:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_ptr, ptr, old_size); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:2971:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_to_fill, info, sizeof(unsigned)*count); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:3186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_ptr, ptr, old_size); data/lam-7.1.4/share/memory/darwin7/scalable_malloc.c:3241:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data->szones[i], malloc_zones[i], sizeof(szone_t)); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:445:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void* memcpy(void*, const void*, size_t); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:448:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. Void_t* memcpy(); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:490:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. } else memcpy(dest, src, mcsz); \ data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1764:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TRIM_THRESHOLD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1766:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TOP_PAD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1768:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_THRESHOLD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1770:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_MAX, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:1894:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). (dev_zero_fd = open("/dev/zero", O_RDWR), \ data/lam-7.1.4/share/memory/ptmalloc/t-test1.c:236:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 1) n_total_max = atoi(argv[1]); data/lam-7.1.4/share/memory/ptmalloc/t-test1.c:238:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 2) n_thr = atoi(argv[2]); data/lam-7.1.4/share/memory/ptmalloc/t-test1.c:241:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 3) i_max = atoi(argv[3]); data/lam-7.1.4/share/memory/ptmalloc/t-test1.c:243:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 4) size = atol(argv[4]); data/lam-7.1.4/share/memory/ptmalloc/t-test1.c:247:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 5) bins = atoi(argv[5]); data/lam-7.1.4/share/memory/ptmalloc/t-test2.c:206:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 1) n_total_max = atoi(argv[1]); data/lam-7.1.4/share/memory/ptmalloc/t-test2.c:208:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 2) n_thr = atoi(argv[2]); data/lam-7.1.4/share/memory/ptmalloc/t-test2.c:211:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 3) i_max = atoi(argv[3]); data/lam-7.1.4/share/memory/ptmalloc/t-test2.c:213:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 4) size = atol(argv[4]); data/lam-7.1.4/share/memory/ptmalloc/t-test2.c:217:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 5) bins = atoi(argv[5]); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:395:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TOP_PAD, atoi(&envline[9])); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:399:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_MAX, atoi(&envline[10])); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:405:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TRIM_THRESHOLD, atoi(&envline[16])); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:407:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_THRESHOLD, atoi(&envline[16])); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:419:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TRIM_THRESHOLD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:421:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_TOP_PAD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:423:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_THRESHOLD, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc2/arena.c:425:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mALLOPt(M_MMAP_MAX, atoi(s)); data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:496:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open __open data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:563:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #ifndef memcpy /* LAM CHANGE */ data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:564:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void* memcpy(void*, const void*, size_t); data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:568:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. Void_t* memcpy(); data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:1570:41: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define MALLOC_COPY(dest, src, nbytes) memcpy(dest, src, nbytes) data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:1652:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). (dev_zero_fd = open("/dev/zero", O_RDWR), \ data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:182:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048*1024]; data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:205:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 1) n_total_max = atoi(argv[1]); data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:207:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 2) n_thr = atoi(argv[2]); data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:210:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 3) i_max = atoi(argv[3]); data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:212:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 4) size = atol(argv[4]); data/lam-7.1.4/share/memory/ptmalloc2/t-test1.c:216:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 5) bins = atoi(argv[5]); data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c:149:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 1) n_total_max = atoi(argv[1]); data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c:151:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 2) n_thr = atoi(argv[2]); data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c:154:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 3) i_max = atoi(argv[3]); data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c:156:22: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 4) size = atol(argv[4]); data/lam-7.1.4/share/memory/ptmalloc2/t-test2.c:160:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(argc > 5) bins = atoi(argv[5]); data/lam-7.1.4/share/mpi/cdup.c:205:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) (*newcomm)->c_topo_dims, data/lam-7.1.4/share/mpi/cdup.c:219:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) (*newcomm)->c_topo_index, data/lam-7.1.4/share/mpi/errstring.c:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MPI_MAX_ERROR_STRING]; /* error message buffer */ data/lam-7.1.4/share/mpi/errstring.c:133:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "MPI: no errors"); data/lam-7.1.4/share/mpi/errstring.c:146:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, ": "); data/lam-7.1.4/share/mpi/errstring.c:152:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, "unknown error class"); data/lam-7.1.4/share/mpi/errstring.c:157:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buf, ": "); data/lam-7.1.4/share/mpi/f77/cgetname_f.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/mpi/f77/errstring_f.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstring[MPI_MAX_ERROR_STRING + 1]; data/lam-7.1.4/share/mpi/f77/getprocname_f.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cname[MPI_MAX_PROCESSOR_NAME + 1]; data/lam-7.1.4/share/mpi/f77/infoget_f.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MPI_MAX_INFO_VAL + 1]; data/lam-7.1.4/share/mpi/f77/infogetnth_f.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MPI_MAX_INFO_KEY + 1]; data/lam-7.1.4/share/mpi/f77/init_f.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; data/lam-7.1.4/share/mpi/f77/initthr_f.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; data/lam-7.1.4/share/mpi/f77/portopen_f.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port[MPI_MAX_PORT_NAME]; data/lam-7.1.4/share/mpi/f77/tgetname_f.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/mpi/f77/wgetname_f.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/mpi/gcmp.c:125:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) sort1, (char *) g1->g_procs, i); data/lam-7.1.4/share/mpi/gcmp.c:126:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) sort2, (char *) g2->g_procs, i); data/lam-7.1.4/share/mpi/gunion.c:139:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) gu->g_procs, (char *) g1->g_procs, data/lam-7.1.4/share/mpi/init.c:225:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). requested = atoi(env); data/lam-7.1.4/share/mpi/lamapps.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(myprocs, procs, sizeof(struct _proc *) * numprocs); data/lam-7.1.4/share/mpi/lamclocks.c:122:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, (char *) skew, sizeof(float8)); data/lam-7.1.4/share/mpi/lamclocks.c:134:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) skew, msg, sizeof(float8)); data/lam-7.1.4/share/mpi/lamclocks.c:230:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &remote, imsg, sizeof(float8)); data/lam-7.1.4/share/mpi/lamclocks.c:238:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(omsg, (char *) &skew, sizeof(float8)); data/lam-7.1.4/share/mpi/lamclocks.c:291:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(omsg, (char *) &local, sizeof(float8)); data/lam-7.1.4/share/mpi/lamclocks.c:299:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) skew, imsg, sizeof(float8)); data/lam-7.1.4/share/mpi/lamdeferr.c:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mpierrmsg[MPI_MAX_ERROR_STRING]; data/lam-7.1.4/share/mpi/lamdeferr.c:163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME+1]; data/lam-7.1.4/share/mpi/laminit.c:171:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/share/mpi/laminit.c:175:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[128]; data/lam-7.1.4/share/mpi/laminit.c:176:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/lam-7.1.4/share/mpi/laminit.c:369:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(trworld + 2 * sizeof(int4), (char *) procs, data/lam-7.1.4/share/mpi/laminit.c:441:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(comm->c_name, "MPI_COMM_WORLD"); data/lam-7.1.4/share/mpi/laminited.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char host[MAXHOSTNAMELEN]; data/lam-7.1.4/share/mpi/laminited.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pid[32]; data/lam-7.1.4/share/mpi/lammemcpy.c:55:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, size); data/lam-7.1.4/share/mpi/lammemcpy.c:60:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(((char *) dest) + size, ((char *) src) + size, nleft); data/lam-7.1.4/share/mpi/lammpiinit.c:222:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[MAXHOSTNAMELEN]; data/lam-7.1.4/share/mpi/lammpiinit.c:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid[32]; data/lam-7.1.4/share/mpi/lammpiinit.c:588:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(maei.maei_crmpi.masi_name, "none"); data/lam-7.1.4/share/mpi/lammpiinit.c:822:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(comm->c_name, "MPI_COMM_SELF"); data/lam-7.1.4/share/mpi/lammpiinit.c:871:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lam_comm_parent->c_name, "MPI_COMM_PARENT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1011:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_F_COMPLEX, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1017:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_F_COMPLEX->dt_name, "MPI_COMPLEX"); data/lam-7.1.4/share/mpi/lammpiinit.c:1025:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_F_DOUBLE_COMPLEX, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1032:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_F_DOUBLE_COMPLEX->dt_name, "MPI_DOUBLE_COMPLEX"); data/lam-7.1.4/share/mpi/lammpiinit.c:1056:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_CXX_COMPLEX, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1063:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_CXX_COMPLEX->dt_name, "MPI_COMPLEX"); data/lam-7.1.4/share/mpi/lammpiinit.c:1072:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_CXX_DOUBLE_COMPLEX, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1079:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_CXX_DOUBLE_COMPLEX->dt_name, "MPI_DOUBLE_COMPLEX"); data/lam-7.1.4/share/mpi/lammpiinit.c:1088:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_CXX_LONG_DOUBLE_COMPLEX, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1095:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_CXX_LONG_DOUBLE_COMPLEX->dt_name, "MPI_LONG_DOUBLE_COMPLEX"); data/lam-7.1.4/share/mpi/lammpiinit.c:1127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_2INT, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1132:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_2INT->dt_name, "MPI_2INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1151:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_FLOAT_INT, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1156:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_FLOAT_INT->dt_name, "MPI_FLOAT_INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1175:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_DOUBLE_INT, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1181:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_DOUBLE_INT->dt_name, "MPI_DOUBLE_INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1200:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_LONG_DOUBLE_INT, data/lam-7.1.4/share/mpi/lammpiinit.c:1206:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_LONG_DOUBLE_INT->dt_name, "MPI_LONG_DOUBLE_INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1225:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_LONG_INT, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1230:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_LONG_INT->dt_name, "MPI_LONG_INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1249:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_SHORT_INT, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1254:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_SHORT_INT->dt_name, "MPI_SHORT_INT"); data/lam-7.1.4/share/mpi/lammpiinit.c:1262:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_F_2INTEGER, (char *) newdtype, data/lam-7.1.4/share/mpi/lammpiinit.c:1268:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_F_2INTEGER->dt_name, "MPI_2INTEGER"); data/lam-7.1.4/share/mpi/lammpiinit.c:1276:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_F_2REAL, (char *) newdtype, sizeof(struct _dtype)); data/lam-7.1.4/share/mpi/lammpiinit.c:1281:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_F_2REAL->dt_name, "MPI_2REAL"); data/lam-7.1.4/share/mpi/lammpiinit.c:1289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) MPI_F_2DOUBLE_PRECISION, data/lam-7.1.4/share/mpi/lammpiinit.c:1295:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(MPI_F_2DOUBLE_PRECISION->dt_name, "MPI_2DOUBLE_PRECISION"); data/lam-7.1.4/share/mpi/lammpiinit.c:1966:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *env, hostname[BUFSIZ], node[BUFSIZ], pid[BUFSIZ], rank[BUFSIZ]; data/lam-7.1.4/share/mpi/lamsig.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[512]; data/lam-7.1.4/share/mpi/lamsig.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extra[512]; data/lam-7.1.4/share/mpi/lamsig.c:150:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(extra, "signal %d", sig); data/lam-7.1.4/share/mpi/lamsig.c:191:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix, "LAM IMPI client daemon"); data/lam-7.1.4/share/mpi/lamsig.c:194:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(prefix, "MPI process rank %d", lam_myproc->p_gps.gps_grank); data/lam-7.1.4/share/mpi/lamspawn.c:54:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mpiworld, world, world_n * sizeof(struct _gps)); data/lam-7.1.4/share/mpi/lamspawn.c:119:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[LAM_MPI_SSI_BASE_MAX_MODULE_NAME_LEN * 2], data/lam-7.1.4/share/mpi/portopen.c:74:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(port.prt_name, "n%d:i%d:%d", lam_myproc->p_gps.gps_node, data/lam-7.1.4/share/mpi/spawn.c:721:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schema[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/mpi/spawn.c:722:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/mpi/spawn.c:1011:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(value + 1); data/lam-7.1.4/share/nreq/drecv.c:38:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &incoming, (char *) nhead, sizeof(struct nmsg)); data/lam-7.1.4/share/nreq/drecv.c:46:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead->nh_data, (char *) incoming.nh_data, data/lam-7.1.4/share/nreq/nrecv.c:126:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead->nh_data, (char *) incoming.nh_data, data/lam-7.1.4/share/nreq/precv.c:73:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sndaddr[4]; /* sender address */ data/lam-7.1.4/share/nreq/precv.c:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) sndaddr, (char *) protocol.nh_data, 4); data/lam-7.1.4/share/nreq/precv.c:187:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) nhead->nh_data, data/lam-7.1.4/share/nreq/psend.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[MAXHOSTNAMELEN]; /* host name */ data/lam-7.1.4/share/nreq/psend.c:79:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hostaddr[4]; /* host address */ data/lam-7.1.4/share/nreq/psend.c:126:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) protocol.nh_data, (char *) hostaddr, 4); data/lam-7.1.4/share/rreq/getrent.c:128:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) rent, (char *) phit, sizeof(struct route)); data/lam-7.1.4/share/ssi/base/ssi_hostmap.c:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_ntoa[16]; data/lam-7.1.4/share/ssi/base/ssi_hostmap.c:92:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/lam-7.1.4/share/ssi/base/ssi_hostmap.c:159:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &ret, h->h_addr_list[0], sizeof(ret)); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:413:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFSIZ], *p; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:428:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(depname, "r")) == NULL) { data/lam-7.1.4/share/ssi/base/ssi_module_find.c:501:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[BUFSIZ]; data/lam-7.1.4/share/ssi/base/ssi_mpi_param.c:138:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). storage->intval = atoi(env); data/lam-7.1.4/share/ssi/base/ssi_param.c:374:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). storage->intval = atoi(env); data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c:44:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[BUFSIZ]; data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mpi_file_suffix[BUFSIZ]; data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c:152:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *level = atoi(ptr + 6); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_client.c:46:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char agent_haddr[4] = { 0, 0, 0, 0 }; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_client.c:56:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char agent_haddr[4] = { 0, 0, 0, 0 }; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_client.c:70:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. lam_ssi_boot_base_send_lamd_info_args(OPT *aod, unsigned char agent_haddr[4], data/lam-7.1.4/share/ssi/boot/base/ssi_boot_client.c:170:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char haddr[4]; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_do_args.c:60:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address_buffer[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:77:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[256]; /* string holding space */ data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:232:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, temp, (ret > outbuffsize) ? outbuffsize : ret); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_lamgrow.c:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostip[60]; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_server.c:315:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip_addr[32]; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_server.c:316:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip_port[32]; data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:333:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node_status[100]; data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:1007:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&s.sin_addr, name_resolver->h_addr_list[0], 4); data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:1073:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nodelist[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:1076:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. ptr += sprintf(nodelist, "%d", nodes[0]); data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:1078:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. ptr += sprintf(ptr, ",%d", nodes[i]); data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus.c:526:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg_buffer[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_inetexec.c:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char printable[BUFSIZ]; /* command to exec */ data/lam-7.1.4/share/ssi/boot/globus/src/ssi_boot_globus_inetexec.c:68:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_host[BUFSIZ]; /* username@hostname */ data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh.c:499:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg_buffer[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:68:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_host[BUFSIZ]; /* username@hostname */ data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shellpath[BUFSIZ]; /* return of 'echo $SHELL' */ data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:274:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delim_str[2]; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:295:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char short_hostname[BUFSIZ], buf[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:299:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *nnodes_arg = atoi(getenv("SLURM_NNODES")); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:359:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&nodes[i].lnd_addr.sin_addr, host_ptr->h_addr_list[0], data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:415:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&nodes[i].lnd_addr.sin_addr, host_ptr->h_addr_list[0], data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:642:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(e); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:656:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char agent_haddr[4] = { 0, 0, 0, 0 }; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:899:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[32]; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:1136:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *dot_ptr, path_name[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:148:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str, temp1[BUFSIZ], temp2[BUFSIZ]; data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:163:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(range + i); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:192:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = atoi(range + i); data/lam-7.1.4/share/ssi/boot/tm/src/ssi_boot_tm_bhost.c:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[TMINFOLEN + 1]; data/lam-7.1.4/share/ssi/coll/base/ssi_coll_finalize_comm.c:32:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BUFSIZ]; data/lam-7.1.4/share/ssi/coll/base/ssi_coll_init_comm.c:78:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BUFSIZ]; data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:105:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lam_ssi_coll_base_crossover = atoi(e); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:107:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lam_ssi_coll_base_associative = atoi(e); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:109:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lam_ssi_coll_base_reduce_crossover = atoi(e); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:112:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(e) > 1024) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:113:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lam_ssi_coll_base_shmem_message_pool_size = atoi(e); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:115:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(e) > 0 && atoi(e) <= 16) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:115:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(e) > 0 && atoi(e) <= 16) data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:116:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lam_ssi_coll_base_shmem_num_segments = atoi(e); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:213:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[LAM_MPI_SSI_BASE_MAX_MODULE_NAME_LEN]; data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objs[2][32]; data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:150:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[32]; data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:170:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", shmem_id); data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:172:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", sem_id); data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp.c:262:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/ssi/coll/smp/src/ssi_coll_smp_util.c:108:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MPI_MAX_OBJECT_NAME]; data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam.c:271:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_CREAT|O_EXCL|O_RDWR, 0666); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:402:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid_arg[sizeof(int) * 8]; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:509:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid_arg[sizeof(int) * 8]; data/lam-7.1.4/share/ssi/crmpi/blcr/src/ssi_crmpi_blcr.c:264:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pid[10]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:208:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[256]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:209:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[256]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:839:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg.cm_buf, send->rq_packbuf, send->rq_packsize); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:890:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(recv->rq_packbuf, send->rq_packbuf, len); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:1024:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myrankstr[32]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:1554:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &PUB(read), (char*) &PUB(full_fd_set), sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:1555:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &PUB(except), (char*) &PUB(full_fd_set), sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:188:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:192:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[128]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:193:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:170:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &readfds, (char *) &PUB(read), data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:172:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &writefds, (char *) &PUB(write), data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:174:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &exceptfds, (char *) &PUB(except), data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:385:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sink[512]; data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:2061:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sink[512]; /* data sink */ data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm.c:245:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm.c:246:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[128]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_actions.c:53:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char gm_version[BUFSIZ]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_actions.c:217:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_actions.c:571:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(env + 1, body, body_len); data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_cr.c:381:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_cr.c:385:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[128]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_cr.c:386:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_dreg.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char myrankstr[ERRORSTR_SIZE]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_dreg.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lenstr[ERRORSTR_SIZE]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_fast.c:133:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(env + 1, buf, packsize); data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_fast.c:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mystring[GM_MAX_HOST_NAME_LEN + 128]; data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_tiny.c:173:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->rq_packbuf, env + 1, env->ge_len); data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_tiny.c:175:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(req->rq_packbuf, env + 1, req->rq_packsize); data/lam-7.1.4/share/ssi/rpi/gm/src/ssi_rpi_gm_util.c:43:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mystring[GM_MAX_HOST_NAME_LEN + 128]; data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib.c:244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib.c:245:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[128]; data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_dreg.c:96:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(kp, ret + lam_ssi_rpi_ib_reg_env_len, size_of_keys); data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_dreg.c:183:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(((char *) buf + len - size_of_keys), &kp, size_of_keys); data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_hashmap.c:400:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->key, key, lmap->keysize); data/lam-7.1.4/share/ssi/rpi/ib/src/ssi_rpi_ib_hashmap.c:405:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node->value, value, lmap->valuesize); data/lam-7.1.4/share/ssi/rpi/sysv/src/rpi_sysv_proc.h:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pb_pad[CACHELINESIZE]; data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_common.c:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char align[LAM_ALIGNMENT]; /* alignment */ data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_common.c:854:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objs[2][32]; data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_common.c:904:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(objs[0], "%d", shmid); data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_common.c:905:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(objs[1], "%d", semid); data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objs[2][32]; data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:143:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(objs[1], "%d", semid); data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:190:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[32]; data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:219:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", ps->cp_ppsem); data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:237:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[32]; data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:263:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", ps->cp_sem); data/lam-7.1.4/share/ssi/rpi/sysv/src/ssi_rpi_sysv_shm.c:265:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", ps->cp_shm); data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp.c:785:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myrankstr[32]; data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:146:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &readfds, (char *) &lam_ssi_rpi_tcp_read, sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:147:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &writefds, (char *) &lam_ssi_rpi_tcp_write, sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:148:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &exceptfds, (char *) &lam_ssi_rpi_tcp_except, data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:376:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sink[512]; /* data sink */ data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:1977:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sink[512]; /* data sink */ data/lam-7.1.4/share/ssi/rpi/usysv/src/rpi_usysv_proc.h:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pb_pad[CACHELINESIZE]; data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_common.c:93:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char align[LAM_ALIGNMENT]; /* alignment */ data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_common.c:868:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objs[2][32]; data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_common.c:919:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(objs[0], "%d", shmid); data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_common.c:920:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(objs[1], "%d", semid); data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_shm.c:70:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[32]; data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_shm.c:96:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", ps->cp_sem); data/lam-7.1.4/share/ssi/rpi/usysv/src/ssi_rpi_usysv_shm.c:98:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(obj, "%d", ps->cp_shm); data/lam-7.1.4/share/totalview/src/dll_lam.c:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data [8]; data/lam-7.1.4/share/totalview/src/dll_lam.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8]; data/lam-7.1.4/share/totalview/src/dll_lam.c:237:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(p_info->lam_comm_list[i].name, "-- unnamed --"); data/lam-7.1.4/share/totalview/src/lam_dll_defs.h:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; /* name of comm */ data/lam-7.1.4/share/totalview/src/mpi_interface.h:221:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char image_name [FILENAME_MAX]; data/lam-7.1.4/share/totalview/src/mpi_interface.h:222:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host_name [64]; data/lam-7.1.4/share/totalview/src/mpi_interface.h:259:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; /* the name if it has one */ data/lam-7.1.4/share/totalview/src/mpi_interface.h:294:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extra_text[5][64]; data/lam-7.1.4/share/trillium/TRIL.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2]; data/lam-7.1.4/share/trillium/ldolinks.c:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char packet[MAXNMSGLEN]; /* segment number */ data/lam-7.1.4/share/trillium/ldolinks.c:155:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*ppdol + (*pndol - num), packet, len); data/lam-7.1.4/share/trillium/rbflook.c:110:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) pnh_look->nh_data, (char *) nhbf.nh_data, data/lam-7.1.4/share/trillium/rflat.c:196:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data + argsize, envs, *envsize + 1); data/lam-7.1.4/share/trillium/rget.c:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[FLPATHLEN]; data/lam-7.1.4/share/trillium/rhreq.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dummy[1024]; data/lam-7.1.4/share/trillium/rhreq.c:198:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[1024]; data/lam-7.1.4/share/trillium/rpcreate.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/share/trillium/rpgo.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server[LAM_PATH_MAX]; /* fd server socket name */ data/lam-7.1.4/share/trillium/rtrname.c:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXNMSGLEN]; /* reply data buffer */ data/lam-7.1.4/share/trillium/rversion.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cached_string[MAXNMSGLEN]; data/lam-7.1.4/share/tstdio/iomap.c:87:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return(open(fname, iomode, perm)); data/lam-7.1.4/share/tstdio/tprint.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char converted_arg[MAXLENGTH]; data/lam-7.1.4/share/tstdio/tscan.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ccltab[256]; /* character class table for %[...] */ data/lam-7.1.4/share/tstdio/tscan.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUF]; /* buffer for numeric conversions */ data/lam-7.1.4/tools/hboot/hboot.c:63:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rtfbuf[32]; /* RTF env. var. */ data/lam-7.1.4/tools/hboot/hboot.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; /* formatting buffer */ data/lam-7.1.4/tools/hboot/hboot.c:290:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(rtfbuf, "TROLLIUSRTF=%d", RTF_SYSGEN); data/lam-7.1.4/tools/hboot/hboot.c:355:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("/dev/null", O_RDWR)) < 0) { data/lam-7.1.4/tools/hboot/hboot.c:385:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "[%d]", n); data/lam-7.1.4/tools/laminfo/laminfo.cc:455:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[BUFSIZ]; data/lam-7.1.4/tools/laminfo/laminfo.cc:539:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *default_value_string, temp[BUFSIZ]; data/lam-7.1.4/tools/laminfo/laminfo.cc:680:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELEN]; data/lam-7.1.4/tools/tkill/tkill.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extra[1024]; /* place for ASCII messages */ data/lam-7.1.4/tools/tkill/tkill.c:190:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd_kill = open(f_kill, O_RDWR, 0)) < 0) { data/lam-7.1.4/examples/romio/simple.c:53:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/otb/filedr/filedr.c:446:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(s); data/lam-7.1.4/otb/lamexec/lamexec.c:292:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fmtbuf, " "); data/lam-7.1.4/otb/lamexec/lamexec.c:307:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fmtbuf, " "); data/lam-7.1.4/otb/lamexec/lamexec.c:321:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fmtbuf, " "); data/lam-7.1.4/otb/lamexec/lamexec.c:327:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). app = asc_bufparse(fmtbuf, strlen(fmtbuf), &lineno, env); data/lam-7.1.4/otb/lamexec/lamexec.c:599:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, " "); data/lam-7.1.4/otb/lamgrow/lamgrow.c:530:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(02); data/lam-7.1.4/otb/lamgrow/lamgrow.c:535:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fd, new_hostname, strlen(new_hostname)); data/lam-7.1.4/otb/lamrestart/lamrestart.c:109:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(lampath) + strlen("/mpirun") + 1; data/lam-7.1.4/otb/lamrestart/lamrestart.c:109:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(lampath) + strlen("/mpirun") + 1; data/lam-7.1.4/otb/lamtrace/lamtrace.c:246:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, (char *) &nworld, sizeof(int4)) < 0) data/lam-7.1.4/otb/lamtrace/lamtrace.c:256:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, (char *) world, sizeof(struct _gps) * nworld) < 0) data/lam-7.1.4/otb/mpirun/mpirun.c:752:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). app = asc_bufparse(fmtbuf, strlen(fmtbuf), &lineno, env); data/lam-7.1.4/otb/mpirun/mpirun.c:1543:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen1 = strlen(*src); data/lam-7.1.4/otb/mpirun/mpirun.c:1544:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen2 = strlen(suffix); data/lam-7.1.4/otb/mpirun/mpirun.c:1582:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(server_string) + strlen(rank_string) + 4; data/lam-7.1.4/otb/mpirun/mpirun.c:1582:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(server_string) + strlen(rank_string) + 4; data/lam-7.1.4/otb/mpirun/totalview.c:221:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_hostname = strlen(name); data/lam-7.1.4/otb/mpirun/totalview.c:248:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (char *) malloc(sizeof(char) * ( strlen(pp->asc_args->apa_argv[0]) data/lam-7.1.4/otb/mpirun/totalview.c:261:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (char *) malloc(sizeof(char) * (strlen(cwd) + data/lam-7.1.4/otb/mpirun/totalview.c:262:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pp->asc_args->apa_argv[0]) data/lam-7.1.4/otb/mpirun/totalview.c:269:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(MPIR_proctable[j].executable_name, "/"); data/lam-7.1.4/otb/mpirun/totalview.c:283:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (char *) malloc(sizeof(char) * (strlen(cwd) + data/lam-7.1.4/otb/mpirun/totalview.c:284:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pp->asc_args->apa_argv[0]) data/lam-7.1.4/otb/mpirun/totalview.c:291:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(MPIR_proctable[j].executable_name, "/"); data/lam-7.1.4/otb/mpirun/totalview.c:299:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (char *) malloc(sizeof(char) * (strlen(executable_path) + 1 )); data/lam-7.1.4/otb/mpitask/mpitask.c:649:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, " "); data/lam-7.1.4/otb/sys/bforward/bw_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/bufferd/bf_main.c:60:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/dli_inet/di_main.c:69:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/dlo_inet/do_main.c:58:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/echod/e_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/filed/f_main.c:60:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/filed/fface.c:69:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { return(read(fd, buf, nbytes)); } data/lam-7.1.4/otb/sys/filed/fqopen.c:196:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f->f_name = malloc((unsigned) (strlen(fbuf) + 1)); data/lam-7.1.4/otb/sys/filed/fqopenfd.c:272:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f->f_name = malloc((unsigned) (strlen(fname) + 1)); data/lam-7.1.4/otb/sys/filed/fqpathfind.c:62:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fbuf) == 0) { data/lam-7.1.4/otb/sys/filed/fqpathfind.c:70:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir = fbuf + strlen(fbuf) + 1; data/lam-7.1.4/otb/sys/filed/fqpathfind.c:84:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = LAM_min(strlen(filename), MAXNMSGLEN - 1); data/lam-7.1.4/otb/sys/filed/fqsimplex.c:316:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 0, INT4_NIL, (int4) strlen(fbuf) + 1, INT4_NIL); data/lam-7.1.4/otb/sys/flatd/fl_main.c:67:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/haltd/h_main.c:60:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/impid/dance.c:119:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (hostname != NULL && strlen(hostname) > 0) { data/lam-7.1.4/otb/sys/impid/dance.c:120:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (my_hostname, hostname, LAM_MAXHOSTNAMELEN); data/lam-7.1.4/otb/sys/iod/io_main.c:60:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/iod/iod.c:215:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((nread = read(fd, iobuf, MAXNMSGLEN)) < 0) && (errno == EINTR)); data/lam-7.1.4/otb/sys/kenyad/p_main.c:68:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). original_umask = umask(077); data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:379:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(avfd, args, (int) avstat.st_size) < 0) { data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:429:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(args); data/lam-7.1.4/otb/sys/kenyad/pqcreate.c:551:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dir, ""); data/lam-7.1.4/otb/sys/kenyad/pqdetach.c:235:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pq.pq_name) + 1); data/lam-7.1.4/otb/sys/kenyad/pqdetach.c:256:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pattach->p_loadpt = malloc((unsigned) strlen(pq.pq_name) + 1); data/lam-7.1.4/otb/sys/kenyad/pqdetach.c:371:2: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(diedfd, &i, sizeof(i)); data/lam-7.1.4/otb/sys/kernel/k_main.c:62:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/kernel/kernelio.c:166:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(0177); data/lam-7.1.4/otb/sys/kernel/kernelio.c:205:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(addr_file) > sizeof(kernel_un.sun_path)) { data/lam-7.1.4/otb/sys/kernel/kernelio.c:211:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy((char *) kernel_un.sun_path, addr_file, strlen(addr_file) + 1); data/lam-7.1.4/otb/sys/kernel/kernelio.c:215:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(kernel_un.sun_path) + 1; data/lam-7.1.4/otb/sys/kernel/kernelio.c:218:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(kernel_un.sun_path) + sizeof(kernel_un.sun_family); data/lam-7.1.4/otb/sys/kernel/kernelio.c:278:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/otb/sys/lamd/lamd_main.c:61:20: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). original_umask = umask(077); data/lam-7.1.4/otb/sys/loadd/l_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/loadd/loadd.c:166:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fdesc, filebuf, ldlength) < 0) lampanic("loadd (read)"); data/lam-7.1.4/otb/sys/router/r_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/traced/tr_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/traced/trbuf.c:436:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data = bfound->trb_buffer + strlen(bfound->trb_buffer) + 1; data/lam-7.1.4/otb/sys/traced/trbuf.c:438:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reply.trr_length = strlen(data) + 1; data/lam-7.1.4/otb/sys/versiond/v_main.c:61:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/lam-7.1.4/otb/sys/versiond/versiond.c:56:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(LAM_VERSION) + 1; data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_open.c:19:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_open.c:20:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_read.c:38:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_hfs/ad_hfs_read.c:45:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_getsh.c:35:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->shared_fp_fd->fd_sys, shared_fp, sizeof(ADIO_Offset)); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_getsh.c:43:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->shared_fp_fd->fd_sys, shared_fp, sizeof(ADIO_Offset)); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_open.c:20:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_open.c:21:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:30:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:42:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:73:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, readbuf, readbuf_len);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:90:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, readbuf+partial_read, readbuf_len-partial_read);\ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:169:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, readbuf, readbuf_len); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_read.c:286:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, readbuf, readbuf_len); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_wait.c:35:44: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. while (tmp->aio_return == AIO_INPROGRESS) usleep(1000); data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:74:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, writebuf, writebuf_len); \ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:93:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, writebuf, writebuf_len); \ data/lam-7.1.4/romio/adio/ad_nfs/ad_nfs_write.c:323:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, writebuf, writebuf_len); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:69:15: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_hints.c:70:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:24:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_pfs/ad_pfs_open.c:25:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:72:15: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:73:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_hints.c:83:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!slash) strcpy(path, "."); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:24:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_open.c:25:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_read.c:39:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_piofs/ad_piofs_read.c:59:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:22:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_pvfs/ad_pvfs_open.c:23:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_open.c:19:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_open.c:20:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_read.c:26:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_sfs/ad_sfs_read.c:33:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_open.c:19:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_open.c:20:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_read.c:26:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_read.c:33:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). err = read(fd->fd_sys, buf, len); data/lam-7.1.4/romio/adio/ad_ufs/ad_ufs_wait.c:35:44: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. while (tmp->aio_return == AIO_INPROGRESS) usleep(1000); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_open.c:21:13: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). old_mask = umask(022); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_open.c:22:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(old_mask); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_read.c:59:21: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. newbuf = (void *) memalign(XFS_MEMALIGN, size); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_read.c:74:24: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. newbuf = (void *) memalign(XFS_MEMALIGN, len); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_write.c:59:21: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. newbuf = (void *) memalign(XFS_MEMALIGN, size); data/lam-7.1.4/romio/adio/ad_xfs/ad_xfs_write.c:74:24: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. newbuf = (void *) memalign(XFS_MEMALIGN, len); data/lam-7.1.4/romio/adio/common/ad_fstype.c:117:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!slash) strcpy(dir, "."); data/lam-7.1.4/romio/adio/common/ad_hints.c:254:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fd->hints->cb_config_list = ADIOI_Malloc((strlen(value)+1) * sizeof(char)); data/lam-7.1.4/romio/adio/common/ad_hints.c:272:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fd->hints->cb_config_list = ADIOI_Malloc((strlen(ADIOI_CB_CONFIG_LIST_DFLT)+1) * sizeof(char)); data/lam-7.1.4/romio/adio/common/malloc.c:38:20: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. new = (void *) memalign(XFS_MEMALIGN, size); data/lam-7.1.4/romio/adio/common/shfp_fname.c:44:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fd->shared_fp_fname, "."); data/lam-7.1.4/romio/adio/common/shfp_fname.c:54:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(slash + 1, "."); data/lam-7.1.4/romio/adio/common/shfp_fname.c:61:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fd->shared_fp_fname); data/lam-7.1.4/romio/mpi-io/fortran/get_viewf.c:125:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmpreplen = strlen(tmprep); data/lam-7.1.4/romio/mpi-io/fortran/get_viewf.c:175:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmpreplen = strlen(tmprep); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_deletef.c:114:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newkey, key, new_keylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getf.c:115:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newkey, key, new_keylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getf.c:137:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmpvaluelen = strlen(tmpvalue); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getf.c:138:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, tmpvalue, tmpvaluelen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getnthf.c:104:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmpkeylen = strlen(tmpkey); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getnthf.c:107:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, tmpkey, tmpkeylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getnthf.c:114:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, tmpkey, keylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_getvlnf.c:115:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newkey, key, new_keylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_setf.c:120:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newkey, key, new_keylen); data/lam-7.1.4/romio/mpi2-other/info/fortran/info_setf.c:139:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newvalue, value, new_vallen); data/lam-7.1.4/romio/mpi2-other/info/info_delete.c:51:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(key) > MPI_MAX_INFO_KEY) { data/lam-7.1.4/romio/mpi2-other/info/info_delete.c:56:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(key)) { data/lam-7.1.4/romio/mpi2-other/info/info_get.c:55:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(key) > MPI_MAX_INFO_KEY) { data/lam-7.1.4/romio/mpi2-other/info/info_get.c:60:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(key)) { data/lam-7.1.4/romio/mpi2-other/info/info_get.c:80:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, curr->value, valuelen); data/lam-7.1.4/romio/mpi2-other/info/info_getvln.c:54:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(key) > MPI_MAX_INFO_KEY) { data/lam-7.1.4/romio/mpi2-other/info/info_getvln.c:59:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(key)) { data/lam-7.1.4/romio/mpi2-other/info/info_getvln.c:69:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *valuelen = strlen(curr->value); data/lam-7.1.4/romio/mpi2-other/info/info_set.c:56:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(key) > MPI_MAX_INFO_KEY) { data/lam-7.1.4/romio/mpi2-other/info/info_set.c:61:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) > MPI_MAX_INFO_VAL) { data/lam-7.1.4/romio/mpi2-other/info/info_set.c:66:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(key)) { data/lam-7.1.4/romio/mpi2-other/info/info_set.c:71:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(value)) { data/lam-7.1.4/romio/test/async.c:38:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/atomicity.c:42:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/coll_perf.c:47:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/coll_test.c:47:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/error.c:38:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/excl.c:32:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/file_info.c:36:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/i_noncontig.c:44:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/large_array.c:47:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/noncontig.c:44:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/noncontig_coll.c:43:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/noncontig_coll2.c:242:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ptr, len, array->names[i]); data/lam-7.1.4/romio/test/noncontig_coll2.c:251:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest[strlen(dest) - 1] = '\0'; data/lam-7.1.4/romio/test/noncontig_coll2.c:265:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest[strlen(dest) - 1] = '\0'; data/lam-7.1.4/romio/test/noncontig_coll2.c:286:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest[strlen(dest) - 1] = '\0'; data/lam-7.1.4/romio/test/noncontig_coll2.c:305:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest[strlen(dest) - 1] = '\0'; data/lam-7.1.4/romio/test/noncontig_coll2.c:336:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/noncontig_coll2.c:363:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cb_config_len += strlen(array->names[i]) + 1; data/lam-7.1.4/romio/test/perf.c:39:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/psimple.c:40:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/shared_fp.c:35:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/simple.c:37:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/split_coll.c:47:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/romio/test/status.c:35:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(*argv); data/lam-7.1.4/share/args/all_argv.c:60:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (*argv)[*argc] = (char*) malloc((unsigned) strlen(arg) + 1); data/lam-7.1.4/share/args/all_argv.c:208:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen(*p) + 1; data/lam-7.1.4/share/args/all_argv.c:260:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length += strlen(*p) + 1 + sizeof(char *); data/lam-7.1.4/share/args/all_argv.c:462:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(s); data/lam-7.1.4/share/args/all_opt.c:433:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(struct ao_opt) + strlen(opt) + 1); data/lam-7.1.4/share/args/all_opt.c:546:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(popt->aoo_string) > 1) { data/lam-7.1.4/share/args/all_opt.c:712:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str += strlen(str); data/lam-7.1.4/share/args/ndi_parse.c:187:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "?"); data/lam-7.1.4/share/args/ndi_parse.c:191:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "N"); data/lam-7.1.4/share/args/ndi_parse.c:197:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "C"); data/lam-7.1.4/share/args/parse_id.c:324:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "?"); data/lam-7.1.4/share/args/parse_id.c:328:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "N"); data/lam-7.1.4/share/args/parse_id.c:334:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fmt_str, "C"); data/lam-7.1.4/share/boot/asc_parse.c:84:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nbytes = read(fd, filebuf, bufsize); data/lam-7.1.4/share/boot/asc_parse.c:564:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(argv[i]) > 1 && data/lam-7.1.4/share/boot/asc_parse.c:701:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v = varlist + strlen(varlist); data/lam-7.1.4/share/boot/asc_parse.c:744:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(var); data/lam-7.1.4/share/boot/asc_parse.c:772:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((var = malloc(strlen(v) + strlen(val) + 2)) == 0) data/lam-7.1.4/share/boot/asc_parse.c:772:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((var = malloc(strlen(v) + strlen(val) + 2)) == 0) data/lam-7.1.4/share/boot/asc_parse.c:775:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(var, "="); data/lam-7.1.4/share/boot/asc_run.c:258:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(env.pe_wrkdir, ""); data/lam-7.1.4/share/boot/bhostparse.c:123:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(linecopy); data/lam-7.1.4/share/boot/bhostparse.c:356:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lamnet[node].lnd_hname = malloc((unsigned) strlen(host) + 1); data/lam-7.1.4/share/boot/bhostparse.c:371:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lamnet[node].lnd_uname = malloc((unsigned) strlen(user) + 1); data/lam-7.1.4/share/boot/hbootparse.c:114:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prefix_len = 24 + strlen(opt_prefix); data/lam-7.1.4/share/boot/hbootparse.c:125:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). suffix_len = 24 + strlen(opt_suffix); data/lam-7.1.4/share/boot/hbootparse.c:144:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathprefix_len = strlen(opt_pathprefix) + strlen("/bin/") + 1; data/lam-7.1.4/share/boot/hbootparse.c:144:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathprefix_len = strlen(opt_pathprefix) + strlen("/bin/") + 1; data/lam-7.1.4/share/boot/hbootparse.c:227:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). override = malloc((unsigned) (strlen(var) + strlen(opt) + 2)); data/lam-7.1.4/share/boot/hbootparse.c:227:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). override = malloc((unsigned) (strlen(var) + strlen(opt) + 2)); data/lam-7.1.4/share/boot/hbootparse.c:234:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(override, " "); data/lam-7.1.4/share/boot/proc_schema.c:163:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). full = (char *) malloc((strlen(prefix) data/lam-7.1.4/share/boot/proc_schema.c:164:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen(p->psc_argv[0]) + 1) data/lam-7.1.4/share/boot/proc_schema.c:222:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp(*p, var, strlen(var))) data/lam-7.1.4/share/etc/bootsockio.c:288:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name_len = is_hostname ? strlen((char*) hostaddr_or_name) : 0; data/lam-7.1.4/share/etc/itoa.c:64:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0, j = strlen(s) - 1; i < j; i++, j--) { data/lam-7.1.4/share/etc/kill.c:151:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmpsuffix) + strlen(LAM_SUFFIX_ENV) + 2; data/lam-7.1.4/share/etc/kill.c:151:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(tmpsuffix) + strlen(LAM_SUFFIX_ENV) + 2; data/lam-7.1.4/share/etc/kill.c:518:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/kill.c:522:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/kill.c:555:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen("pbs-") + 2; data/lam-7.1.4/share/etc/kill.c:555:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen("pbs-") + 2; data/lam-7.1.4/share/etc/kill.c:562:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen("slurm-") + 2; data/lam-7.1.4/share/etc/kill.c:562:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen("slurm-") + 2; data/lam-7.1.4/share/etc/kill.c:570:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen(tmp2) + strlen("lsf--") + 2; data/lam-7.1.4/share/etc/kill.c:570:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen(tmp2) + strlen("lsf--") + 2; data/lam-7.1.4/share/etc/kill.c:570:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen(tmp) + strlen(tmp2) + strlen("lsf--") + 2; data/lam-7.1.4/share/etc/kill.c:582:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen("sge-") + strlen(tmp) + strlen(tmp2) + 3; data/lam-7.1.4/share/etc/kill.c:582:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen("sge-") + strlen(tmp) + strlen(tmp2) + 3; data/lam-7.1.4/share/etc/kill.c:582:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). retstrlen = strlen("sge-") + strlen(tmp) + strlen(tmp2) + 3; data/lam-7.1.4/share/etc/lam_gethostby.c:95:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (MAXHOSTNAMELEN <= strlen(tmp)) { data/lam-7.1.4/share/etc/lam_gethostby.c:157:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (MAXHOSTNAMELEN <= strlen(tmp)) { data/lam-7.1.4/share/etc/lam_gethostname.c:57:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (len <= strlen(tmp)) { data/lam-7.1.4/share/etc/lamdebug.c:143:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). info[i].ldi_prefix_len = strlen(lds->lds_prefix); data/lam-7.1.4/share/etc/lamdebug.c:285:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_len = len = strlen(str); data/lam-7.1.4/share/etc/lamdebug.c:291:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_len += strlen(ldi->ldi_prefix); data/lam-7.1.4/share/etc/mpiformout.c:160:18: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if (collective) strcat(str, "*"); data/lam-7.1.4/share/etc/mpitr_dtprint.c:272:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colcount += strlen(fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:301:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colcount += strlen(fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:334:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colcount += strlen(fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:343:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colcount += strlen(fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:388:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). colcount += strlen(fmtbuf); data/lam-7.1.4/share/etc/mpitr_dtprint.c:407:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if (obuf) strcat(obuf, "\n"); data/lam-7.1.4/share/etc/mpitr_dtprint.c:417:39: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. for (; colcount < lev; ++colcount) strcat(obuf, " "); data/lam-7.1.4/share/etc/mpitr_dtprint.c:419:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(obuf, " "); data/lam-7.1.4/share/etc/mrw.c:49:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, buf, nbytes); data/lam-7.1.4/share/etc/pathsearch.c:104:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pfix = malloc((unsigned) strlen(env) + strlen(delimit) + 1); data/lam-7.1.4/share/etc/pathsearch.c:104:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pfix = malloc((unsigned) strlen(env) + strlen(delimit) + 1); data/lam-7.1.4/share/etc/pathsearch.c:229:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fullpath = malloc((unsigned) strlen(path) + strlen(fname) + 2); data/lam-7.1.4/share/etc/pathsearch.c:229:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fullpath = malloc((unsigned) strlen(path) + strlen(fname) + 2); data/lam-7.1.4/share/etc/pathsearch.c:232:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(path) > 0) { data/lam-7.1.4/share/etc/pathsearch.c:310:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(var); data/lam-7.1.4/share/etc/pty.c:68:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/pty.c:70:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:75:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:100:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/pty.c:103:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:108:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:113:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:118:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:121:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:133:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/pty.c:136:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:142:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:148:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:151:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:167:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/pty.c:176:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:184:6: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:188:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:200:12: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(077); data/lam-7.1.4/share/etc/pty.c:207:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/pty.c:210:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/registry.c:159:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fd, buf, strlen(buf)); data/lam-7.1.4/share/etc/show_help.c:84:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i, j, out, len = strlen(vars[which]); data/lam-7.1.4/share/etc/show_help.c:110:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out = strlen(ret); data/lam-7.1.4/share/etc/show_help.c:146:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = 64 + strlen(LAM_VERSION); data/lam-7.1.4/share/etc/show_help.c:246:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = malloc(strlen(program) + strlen(topic) + 16); data/lam-7.1.4/share/etc/show_help.c:246:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = malloc(strlen(program) + strlen(topic) + 16); data/lam-7.1.4/share/etc/show_help.c:248:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/lam-7.1.4/share/etc/show_help.c:296:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < strlen(buffer); j++) data/lam-7.1.4/share/etc/show_help.c:326:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int num, i, last = 0, len = strlen(line); data/lam-7.1.4/share/etc/socket.c:197:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(addr) == 0) { data/lam-7.1.4/share/etc/socket.c:206:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). mode = umask(0177); data/lam-7.1.4/share/etc/socket.c:230:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(addr_file) > sizeof(server_un.sun_path)) { data/lam-7.1.4/share/etc/socket.c:243:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(server_un.sun_path) + 1; data/lam-7.1.4/share/etc/socket.c:246:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(server_un.sun_path) + sizeof(server_un.sun_family); data/lam-7.1.4/share/etc/socket.c:251:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/socket.c:259:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/socket.c:269:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(mode); data/lam-7.1.4/share/etc/socket.c:316:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(addr_file) > sizeof(server_un.sun_path)) { data/lam-7.1.4/share/etc/socket.c:324:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(server_un.sun_path) + 1; data/lam-7.1.4/share/etc/socket.c:327:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(server_un.sun_path) + sizeof(server_un.sun_family); data/lam-7.1.4/share/etc/srfd.c:112:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(stream, buf, 1); data/lam-7.1.4/share/etc/srfd.c:181:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(stream, commbuf, 1); data/lam-7.1.4/share/etc/srfd.c:253:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(stream, buf, 1); data/lam-7.1.4/share/etc/srfd.c:295:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(stream, buf, 1); data/lam-7.1.4/share/etc/terror.c:140:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, lam_emsg[ecode - ELOW], emsgbuflen); data/lam-7.1.4/share/etc/terror.c:149:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, sys_errlist[ecode], emsgbuflen); data/lam-7.1.4/share/etc/terror.c:153:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(syserrmsg) > 0) { data/lam-7.1.4/share/etc/terror.c:154:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, syserrmsg, emsgbuflen); data/lam-7.1.4/share/etc/terror.c:173:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, baderror, emsgbuflen); data/lam-7.1.4/share/etc/terror.c:175:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(baderror) < emsgbuflen) { data/lam-7.1.4/share/etc/terror.c:176:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, anum, data/lam-7.1.4/share/etc/terror.c:177:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). emsgbuflen - strlen(baderror)); data/lam-7.1.4/share/etc/terror.c:197:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(emsgbuf, "\n"); data/lam-7.1.4/share/etc/terror.c:202:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(umsg); data/lam-7.1.4/share/etc/terror.c:203:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(emsgbuf, umsg, LAM_EMSGBUFLEN - 2); data/lam-7.1.4/share/etc/terror.c:215:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(emsgbuf, "\n"); data/lam-7.1.4/share/etc/terror.c:218:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(2, emsgbuf, strlen(emsgbuf)); data/lam-7.1.4/share/etc/vsnprintf.c:78:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(format) + 128; data/lam-7.1.4/share/etc/vsnprintf.c:79:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(format); ++i) { data/lam-7.1.4/share/etc/vsnprintf.c:80:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (format[i] == '%' && i + 1 < strlen(format) && format[i + 1] != '%') { data/lam-7.1.4/share/etc/vsnprintf.c:87:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(sarg); data/lam-7.1.4/share/etc/vsnprintf.c:149:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i + 1 < strlen(format)) { data/lam-7.1.4/share/freq/lfopenfd.c:103:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(server) + 1; data/lam-7.1.4/share/freq/lfopenfd.c:305:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_err = read(fd_stdout, buffer, MAXNMSGLEN); data/lam-7.1.4/share/freq/lfopenfd.c:323:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_err = read(fd_stderr, buffer, MAXNMSGLEN); data/lam-7.1.4/share/freq/rfopen.c:90:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(name) + 1; data/lam-7.1.4/share/freq/rfpathfind.c:63:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(name) + 1; data/lam-7.1.4/share/freq/rfpathfind.c:65:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length += strlen(cwd) + 1; data/lam-7.1.4/share/freq/rfsimplex.c:69:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:94:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:117:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(newdir) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:183:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(cmd) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:206:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:229:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/freq/rfsimplex.c:282:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lfname = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/freq/rfstat.c:69:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int4) (strlen(fname) + 1); data/lam-7.1.4/share/include/lam_ltdl.h:89:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define LT_STRLEN(s) (((s) && (s)[0]) ? strlen (s) : 0) data/lam-7.1.4/share/kreq/kcreate.c:121:7: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(umask_mode); data/lam-7.1.4/share/libltdl/ltdl.c:100:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define LT_D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/lam-7.1.4/share/libltdl/ltdl.c:103:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define LT_D_NAMLEN(dirent) (strlen((dirent)->d_name)) data/lam-7.1.4/share/libltdl/ltdl.c:272:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp = LT_DLMALLOC (char, 1+ strlen (str)); data/lam-7.1.4/share/libltdl/ltdl.c:461:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy (file_specification, path, LT_FILENAME_MAX-6); data/lam-7.1.4/share/libltdl/ltdl.c:463:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. (void) strcat(file_specification,"\\"); data/lam-7.1.4/share/libltdl/ltdl.c:501:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(entry->file_info.d_name,entry->Win32FindData.cFileName, data/lam-7.1.4/share/libltdl/ltdl.c:504:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entry->file_info.d_namlen = strlen(entry->file_info.d_name); data/lam-7.1.4/share/libltdl/ltdl.c:1674:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!errstr || !strlen(errstr)) errstr = othererror; data/lam-7.1.4/share/libltdl/ltdl.c:1927:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(saveError, lt_int_dyld_error(LT_DLSTRERROR(SYMBOL_NOT_FOUND)), 255); data/lam-7.1.4/share/libltdl/ltdl.c:3032:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, &str[1], (end - str) - 1); data/lam-7.1.4/share/libltdl/ltdl.c:3124:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (dir, canonical, dirlen); data/lam-7.1.4/share/libltdl/ltdl.c:3664:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (buf, "/"); data/lam-7.1.4/share/libltdl/ltdl.c:3665:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat (buf, dp->d_name, end_offset); data/lam-7.1.4/share/libltdl/ltdl.c:4022:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert (before - *ppath <= strlen (*ppath)); data/lam-7.1.4/share/libltdl/ltdl.h:89:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define LT_STRLEN(s) (((s) && (s)[0]) ? strlen (s) : 0) data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:985:25: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define mEMALIGn memalign data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.c:4778:71: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. weak_alias (__libc_memalign, __memalign) weak_alias (__libc_memalign, memalign) data/lam-7.1.4/share/memory/ptmalloc/ptmalloc.h:106:23: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern __malloc_ptr_t memalign __MALLOC_P ((size_t __alignment, size_t __size)); data/lam-7.1.4/share/memory/ptmalloc/t-test.h:91:29: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. m->ptr = (unsigned char *)memalign(sizeof(int) << r, size); data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:512:26: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define public_mEMALIGn memalign data/lam-7.1.4/share/memory/ptmalloc2/malloc.c:5363:71: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. weak_alias (__libc_memalign, __memalign) weak_alias (__libc_memalign, memalign) data/lam-7.1.4/share/memory/ptmalloc2/malloc.h:137:23: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. extern __malloc_ptr_t memalign __MALLOC_P ((size_t __alignment, size_t __size)); data/lam-7.1.4/share/memory/ptmalloc2/t-test.h:92:29: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. m->ptr = (unsigned char *)memalign(sizeof(int) << r, size); data/lam-7.1.4/share/mpi/MPI.c:323:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(cstr); i < len; i++) { data/lam-7.1.4/share/mpi/accept.c:136:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((rank == root) && (strlen(port_name) > LAM_PORTLEN)) { data/lam-7.1.4/share/mpi/accept.c:329:8: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. int4 mismatch; /* run-time flags mismatch? */ data/lam-7.1.4/share/mpi/accept.c:378:23: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. outmsg.nh_data[3] = (mismatch) ? MPI_ERR_FLAGS : 0; data/lam-7.1.4/share/mpi/accept.c:384:6: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (mismatch) { data/lam-7.1.4/share/mpi/cgetname.c:79:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *length = strlen(name); data/lam-7.1.4/share/mpi/connect.c:135:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((rank == root) && (strlen(port_name) > LAM_PORTLEN)) { data/lam-7.1.4/share/mpi/errstring.c:138:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/lam-7.1.4/share/mpi/errstring.c:159:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/lam-7.1.4/share/mpi/errstring.c:168:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *plen = strlen(msg); data/lam-7.1.4/share/mpi/getprocname.c:61:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = strlen(name); data/lam-7.1.4/share/mpi/infodel.c:66:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = (key) ? strlen(key) : 0; data/lam-7.1.4/share/mpi/infoget.c:79:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = (key) ? strlen(key) : 0; data/lam-7.1.4/share/mpi/infoget.c:89:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vallen = strlen(found->ie_value); data/lam-7.1.4/share/mpi/infogetvlen.c:75:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = (key) ? strlen(key) : 0; data/lam-7.1.4/share/mpi/infogetvlen.c:85:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *valuelen = strlen(found->ie_value); data/lam-7.1.4/share/mpi/infoset.c:72:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keylen = (key) ? strlen(key) : 0; data/lam-7.1.4/share/mpi/infoset.c:78:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vallen = (value) ? strlen(value) : 0; data/lam-7.1.4/share/mpi/join.c:349:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, inbuf, ntoread); data/lam-7.1.4/share/mpi/portclose.c:59:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(port_name) > LAM_PORTLEN) { data/lam-7.1.4/share/mpi/tgetname.c:79:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *length = strlen(name); data/lam-7.1.4/share/ssi/base/ssi_ao.c:79:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buflen = strlen(ssi_kind_argv[i]) + strlen(ssi_arg_argv[i]) + 32; data/lam-7.1.4/share/ssi/base/ssi_ao.c:79:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buflen = strlen(ssi_kind_argv[i]) + strlen(ssi_arg_argv[i]) + 32; data/lam-7.1.4/share/ssi/base/ssi_hostmap.c:81:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (filename == NULL || strlen(filename) == 0) data/lam-7.1.4/share/ssi/base/ssi_module_check.c:43:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = 32 + strlen(type); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:237:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = sizeof(module_template) + strlen(params->type) + 32; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:239:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(params->name); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:242:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prefix_len = strlen(prefix); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:245:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_len = strlen(prefix); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:342:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file->type) + strlen(file->name) + 32; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:342:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file->type) + strlen(file->name) + 32; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:419:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file->filename) + strlen(laminfo_suffix) + 16; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:419:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file->filename) + strlen(laminfo_suffix) + 16; data/lam-7.1.4/share/ssi/base/ssi_module_find.c:444:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buffer); data/lam-7.1.4/share/ssi/base/ssi_module_find.c:461:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncasecmp(p, key_dependency, strlen(key_dependency)) == 0) { data/lam-7.1.4/share/ssi/base/ssi_module_find.c:462:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (check_dependency(p + strlen(key_dependency), index, data/lam-7.1.4/share/ssi/base/ssi_module_find.c:518:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(type) + strlen(name) + 32 >= BUFSIZ) { data/lam-7.1.4/share/ssi/base/ssi_module_find.c:518:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(type) + strlen(name) + 32 >= BUFSIZ) { data/lam-7.1.4/share/ssi/base/ssi_param.c:163:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param_name) + strlen(ssi_prefix) + 32; data/lam-7.1.4/share/ssi/base/ssi_param.c:163:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param_name) + strlen(ssi_prefix) + 32; data/lam-7.1.4/share/ssi/base/ssi_param.c:165:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(value); data/lam-7.1.4/share/ssi/base/ssi_param.c:191:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param_name) + strlen(ssi_prefix) + 32; data/lam-7.1.4/share/ssi/base/ssi_param.c:191:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param_name) + strlen(ssi_prefix) + 32; data/lam-7.1.4/share/ssi/base/ssi_param.c:259:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = 16 + strlen(type_name); data/lam-7.1.4/share/ssi/base/ssi_param.c:262:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(module_name); data/lam-7.1.4/share/ssi/base/ssi_param.c:264:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(param_name); data/lam-7.1.4/share/ssi/base/ssi_param.c:273:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(param.lsbp_full_name, type_name, len); data/lam-7.1.4/share/ssi/base/ssi_param.c:276:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(param.lsbp_full_name, "_"); data/lam-7.1.4/share/ssi/base/ssi_param.c:280:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(param.lsbp_full_name, "_"); data/lam-7.1.4/share/ssi/base/ssi_param.c:290:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param.lsbp_full_name) + strlen(ssi_prefix) + 16; data/lam-7.1.4/share/ssi/base/ssi_param.c:290:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(param.lsbp_full_name) + strlen(ssi_prefix) + 16; data/lam-7.1.4/share/ssi/base/ssi_set_verbose.c:115:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (ptr != NULL && strlen(ptr) > 0) { data/lam-7.1.4/share/ssi/boot/base/ssi_boot_append_path.c:46:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(prefix) + strlen(dir) + strlen(fname) + 3; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_append_path.c:46:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(prefix) + strlen(dir) + strlen(fname) + 3; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_append_path.c:46:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path_len = strlen(prefix) + strlen(dir) + strlen(fname) + 3; data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:174:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(kidstderr[0], temp, 256); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:188:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(2, stderr_announce, strlen(stderr_announce)); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_ioexecvp.c:218:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(kidstdout[0], temp, 256); data/lam-7.1.4/share/ssi/boot/base/ssi_boot_open.c:131:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (boot != NULL && strlen(boot) > 0) { data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:562:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(pd[0], &val, sizeof(int)); data/lam-7.1.4/share/ssi/boot/bproc/src/ssi_boot_bproc.c:565:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(pd[0], &val, sizeof(int)); data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:155:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(shellpath) == 0) { data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:167:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (shellpath[strlen(shellpath) - 1] == '\n') data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:168:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shellpath[strlen(shellpath) - 1] = '\0'; data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:281:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen(*p) + 3; data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:299:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\'"); data/lam-7.1.4/share/ssi/boot/rsh/src/ssi_boot_rsh_inetexec.c:303:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\'"); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:940:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(pipe_fd[0], &ret, sizeof(int)); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm.c:1146:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dot_ptr = path_name + strlen(path_name); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:61:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(regexp); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:117:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ranges); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:154:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(range); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:155:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). base_len = strlen(base); data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:216:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(temp2) < num_str_len) { data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:217:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < num_str_len - strlen(temp2); ++j) { data/lam-7.1.4/share/ssi/boot/slurm/src/ssi_boot_slurm_hostlist.c:218:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(temp1, "0"); data/lam-7.1.4/share/ssi/coll/base/ssi_coll_open.c:95:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((e = getenv("LAM_MPI_SSI_coll")) != NULL && strlen(e) > 0) { data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:241:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(argv1[0],"a"); data/lam-7.1.4/share/ssi/coll/shmem/src/ssi_coll_shmem_util.c:243:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(argv1[1],"h"); data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam.c:54:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define signal_puts(S) write(STDOUT_FILENO, (S), strlen(S)) data/lam-7.1.4/share/ssi/crlam/base/ssi_crlam.c:111:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(fd, app_schema, strlen(app_schema)) < 0) { data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:421:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cr_env.pe_wrkdir, ""); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:525:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cr_filearr[i]) + sizeof(int) * 8 + 2; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:584:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((crdir != NULL) && (strlen(crdir) > 0) data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:592:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if ((strlen(LAM_CHECKPOINT_FILE_DIR) != 0) data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:611:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + sizeof(int) * 8 * 3 + 4; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:611:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + sizeof(int) * 8 * 3 + 4; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:613:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen(suffix); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:642:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dst, name, len); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:662:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(LAM_LBNL_LIBCR_PATH); data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:664:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("/bin/") + strlen(util) + 1; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:664:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("/bin/") + strlen(util) + 1; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:710:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). asc_line_len = strlen(cr_file) + strlen(cr_restart) + 5 + data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:710:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). asc_line_len = strlen(cr_file) + strlen(cr_restart) + 5 + data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:766:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fname_arr[i]) + sizeof(int) * 8 + 2; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:798:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((crdir != NULL) && (strlen(crdir) > 0) data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:806:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if ((strlen(LAM_CHECKPOINT_FILE_DIR) != 0) data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:826:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + strlen("mpirun.") data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:826:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + strlen("mpirun.") data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:826:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + strlen("mpirun.") data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:839:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("cr_checkpoint -f ") + (sizeof(int) * 8) + strlen(" ") + 1; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:839:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("cr_checkpoint -f ") + (sizeof(int) * 8) + strlen(" ") + 1; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:883:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (context_file != NULL && strlen(context_file) != 0) { data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:884:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen("cr_restart ") + strlen(context_file) + 1; data/lam-7.1.4/share/ssi/crlam/blcr/src/ssi_crlam_blcr.c:884:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen("cr_restart ") + strlen(context_file) + 1; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:44:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define signal_puts(S) write(STDOUT_FILENO, (S), strlen(S)) data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:220:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen(argv[i]) + 1; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:225:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("# ") + 1; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:239:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len += strlen("\n"); data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:458:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(crlam_self_filedesc[0], &status, sizeof(status)) == -1) { data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:519:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cr_env.pe_wrkdir, ""); data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:569:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((crdir != NULL) && (strlen(crdir) > 0) data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:577:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if ((strlen(LAM_CHECKPOINT_FILE_DIR) != 0) data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:596:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + sizeof(int) * 8 * 3 + 4; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:596:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen(crdir) + strlen("/context.") + sizeof(int) * 8 * 3 + 4; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:652:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). asc_line_len = strlen(cr_self_file) + strlen(cr_self_restart) + 5 + data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:652:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). asc_line_len = strlen(cr_self_file) + strlen(cr_self_restart) + 5 + data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:730:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((restart_args != NULL) && (strlen(restart_args) != 0)) { data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:731:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen("mpirun") + strlen(restart_args) + 2; data/lam-7.1.4/share/ssi/crlam/self/src/ssi_crlam_self.c:731:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str_len = strlen("mpirun") + strlen(restart_args) + 2; data/lam-7.1.4/share/ssi/crmpi/base/ssi_crmpi_open.c:113:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cr != NULL && strlen(cr) > 0) { data/lam-7.1.4/share/ssi/crmpi/blcr/src/ssi_crmpi_blcr.c:38:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define signal_puts(S) write(STDOUT_FILENO, (S), strlen(S)) data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self.c:338:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(crmpi_self_filedesc[0], &status, sizeof(status)) == -1) { data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self.c:436:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (prefix != NULL && strlen(prefix) != 0) { data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self.c:437:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(prefix) + strlen(suffix) + 16; data/lam-7.1.4/share/ssi/crmpi/self/src/ssi_crmpi_self.c:437:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(prefix) + strlen(suffix) + 16; data/lam-7.1.4/share/ssi/rpi/base/ssi_rpi_open.c:109:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (rpi != NULL && strlen(rpi) > 0) { data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:476:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_ZERO(&PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:952:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (FD_ISSET(ps->cp_sock, &PUB(read))) data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:958:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_SET(ps->cp_sock, &PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:1508:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_ZERO(&PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp.c:1554:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). memcpy((char *) &PUB(read), (char*) &PUB(full_fd_set), sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:561:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_ZERO(&PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:609:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). lam_memcpy((char *) &PUB(read), (char*) &PUB(full_fd_set), sizeof(fd_set)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:637:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (FD_ISSET(PUB(procs)[i]->p_rpi->cp_sock, &PUB(read))) { data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:668:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_ZERO(&PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_cr.c:676:52: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_SET(PUB(procs)[i]->p_rpi->cp_sock, &PUB(read)); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:118:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fd_set PUB(read); /* read sockets */ data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:170:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). memcpy((char *) &readfds, (char *) &PUB(read), data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:1202:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(ps->cp_sock, *buf, num); data/lam-7.1.4/share/ssi/rpi/crtcp/src/ssi_rpi_crtcp_low.c:1523:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FD_CLR(sock, &PUB(read)); data/lam-7.1.4/share/ssi/rpi/tcp/src/ssi_rpi_tcp_low.c:1209:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(sock, buf, nbytes); data/lam-7.1.4/share/trillium/rflat.c:177:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). argsize = strlen(args); data/lam-7.1.4/share/trillium/rflat.c:186:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *envsize = (int4) strlen(envs); data/lam-7.1.4/share/trillium/rload.c:60:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(fullpath) + 1; data/lam-7.1.4/share/trillium/rload.c:63:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(filename) + 1; data/lam-7.1.4/share/trillium/rpcreate.c:83:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) >= PSMAXNAME) { data/lam-7.1.4/share/trillium/rpcreate.c:119:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(request.pq_wrkdir, ""); data/lam-7.1.4/share/trillium/rpcreate.c:208:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(env.pe_wrkdir, ""); data/lam-7.1.4/share/trillium/rploadgo.c:166:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(env.pe_wrkdir, ""); data/lam-7.1.4/share/trillium/rtrname.c:68:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name) + strlen(data) + 2; data/lam-7.1.4/share/trillium/rtrname.c:68:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name) + strlen(data) + 2; data/lam-7.1.4/share/trillium/rtrname.c:79:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(buf + strlen(name) + 1, data); data/lam-7.1.4/share/trillium/rtrname.c:154:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(name) + 1; data/lam-7.1.4/share/trillium/rtrname.c:219:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nhead.nh_length = strlen(name) + 1; data/lam-7.1.4/share/tstdio/iomap.c:135:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return(read(fd, buf, nbyte)); data/lam-7.1.4/share/tstdio/tfscan.c:169:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f._bsiz = strlen(str); data/lam-7.1.4/share/tstdio/tprint.c:707:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t length = strlen(stringp); data/lam-7.1.4/share/tstdio/tscan.c:1039:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f._bf._size = f._r = strlen(str); data/lam-7.1.4/tools/hboot/hboot.c:169:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inet_topo[strlen(inet_topo) - 1] = '\0'; data/lam-7.1.4/tools/hboot/hboot.c:193:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prefix_len = strlen(opt_prefix) + strlen("/bin/") + 1; data/lam-7.1.4/tools/hboot/hboot.c:193:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). prefix_len = strlen(opt_prefix) + strlen("/bin/") + 1; data/lam-7.1.4/tools/hboot/hboot.c:205:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(prefix) + 16; data/lam-7.1.4/tools/hboot/hboot.c:207:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(path_env); data/lam-7.1.4/tools/hboot/hboot.c:246:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tkill_len = strlen(prefix) + strlen(t_tkill) + 1; data/lam-7.1.4/tools/hboot/hboot.c:246:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tkill_len = strlen(prefix) + strlen(t_tkill) + 1; data/lam-7.1.4/tools/lamboot/lamboot.c:134:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdv0_len = strlen("/bin/lamboot") + strlen(lamprefix) + 2; data/lam-7.1.4/tools/lamboot/lamboot.c:134:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdv0_len = strlen("/bin/lamboot") + strlen(lamprefix) + 2; data/lam-7.1.4/tools/laminfo/laminfo.cc:590:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(default_value_string) == 0) data/lam-7.1.4/tools/wipe/wipe.c:112:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdv0_len = strlen("/bin/wipe") + strlen(lamprefix) + 2; data/lam-7.1.4/tools/wipe/wipe.c:112:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdv0_len = strlen("/bin/wipe") + strlen(lamprefix) + 2; ANALYSIS SUMMARY: Hits = 1799 Lines analyzed = 291841 in approximately 11.57 seconds (25233 lines/second) Physical Source Lines of Code (SLOC) = 165652 Hits@level = [0] 1049 [1] 516 [2] 906 [3] 106 [4] 266 [5] 5 Hits@level+ = [0+] 2848 [1+] 1799 [2+] 1283 [3+] 377 [4+] 271 [5+] 5 Hits/KSLOC@level+ = [0+] 17.1927 [1+] 10.8601 [2+] 7.74515 [3+] 2.27586 [4+] 1.63596 [5+] 0.0301838 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.