Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libdsk-1.5.9+dfsg/lib/dskreprt.c
Examining data/libdsk-1.5.9+dfsg/lib/drvwin32.h
Examining data/libdsk-1.5.9+dfsg/lib/rpcserv.c
Examining data/libdsk-1.5.9+dfsg/lib/compgz.h
Examining data/libdsk-1.5.9+dfsg/lib/dskcopy.c
Examining data/libdsk-1.5.9+dfsg/lib/dsktrkid.c
Examining data/libdsk-1.5.9+dfsg/lib/rpcfork.c
Examining data/libdsk-1.5.9+dfsg/lib/drvwin16.h
Examining data/libdsk-1.5.9+dfsg/lib/drvrcpm.h
Examining data/libdsk-1.5.9+dfsg/lib/drvsap.c
Examining data/libdsk-1.5.9+dfsg/lib/compress.h
Examining data/libdsk-1.5.9+dfsg/lib/drvntwdm.c
Examining data/libdsk-1.5.9+dfsg/lib/drvlinux.h
Examining data/libdsk-1.5.9+dfsg/lib/drvldbs.h
Examining data/libdsk-1.5.9+dfsg/lib/dskgeom.c
Examining data/libdsk-1.5.9+dfsg/lib/rpcwin32.h
Examining data/libdsk-1.5.9+dfsg/lib/drvimd.c
Examining data/libdsk-1.5.9+dfsg/lib/dskfmt.c
Examining data/libdsk-1.5.9+dfsg/lib/drvldbs.c
Examining data/libdsk-1.5.9+dfsg/lib/drvqm.c
Examining data/libdsk-1.5.9+dfsg/lib/compbz2.c
Examining data/libdsk-1.5.9+dfsg/lib/dskwrite.c
Examining data/libdsk-1.5.9+dfsg/lib/remote.h
Examining data/libdsk-1.5.9+dfsg/lib/drvdskf.h
Examining data/libdsk-1.5.9+dfsg/lib/dskretry.c
Examining data/libdsk-1.5.9+dfsg/lib/drvqrst.h
Examining data/libdsk-1.5.9+dfsg/lib/crc16.c
Examining data/libdsk-1.5.9+dfsg/lib/drvmyz80.c
Examining data/libdsk-1.5.9+dfsg/lib/drvadisk.c
Examining data/libdsk-1.5.9+dfsg/lib/drvdskf.c
Examining data/libdsk-1.5.9+dfsg/lib/drivers.h
Examining data/libdsk-1.5.9+dfsg/lib/drvint25.h
Examining data/libdsk-1.5.9+dfsg/lib/drvsimh.c
Examining data/libdsk-1.5.9+dfsg/lib/drvrcpm.c
Examining data/libdsk-1.5.9+dfsg/lib/drvcfi.h
Examining data/libdsk-1.5.9+dfsg/lib/remote.c
Examining data/libdsk-1.5.9+dfsg/lib/dsksecid.c
Examining data/libdsk-1.5.9+dfsg/lib/dskerror.c
Examining data/libdsk-1.5.9+dfsg/lib/drvmyz80.h
Examining data/libdsk-1.5.9+dfsg/lib/compbz2.h
Examining data/libdsk-1.5.9+dfsg/lib/comptlzh.h
Examining data/libdsk-1.5.9+dfsg/lib/crctable.c
Examining data/libdsk-1.5.9+dfsg/lib/dskjni.c
Examining data/libdsk-1.5.9+dfsg/lib/drvsap.h
Examining data/libdsk-1.5.9+dfsg/lib/dskcheck.c
Examining data/libdsk-1.5.9+dfsg/lib/dskpars.c
Examining data/libdsk-1.5.9+dfsg/lib/drvlinux.c
Examining data/libdsk-1.5.9+dfsg/lib/drvposix.c
Examining data/libdsk-1.5.9+dfsg/lib/drvcfi.c
Examining data/libdsk-1.5.9+dfsg/lib/compdskf.c
Examining data/libdsk-1.5.9+dfsg/lib/drvtele.h
Examining data/libdsk-1.5.9+dfsg/lib/drvsimh.h
Examining data/libdsk-1.5.9+dfsg/lib/dsklphys.c
Examining data/libdsk-1.5.9+dfsg/lib/rpctios.h
Examining data/libdsk-1.5.9+dfsg/lib/remall.h
Examining data/libdsk-1.5.9+dfsg/lib/dskseek.c
Examining data/libdsk-1.5.9+dfsg/lib/drvdos32.c
Examining data/libdsk-1.5.9+dfsg/lib/rpcmap.c
Examining data/libdsk-1.5.9+dfsg/lib/compsq.c
Examining data/libdsk-1.5.9+dfsg/lib/comptlzh.c
Examining data/libdsk-1.5.9+dfsg/lib/drvtele.c
Examining data/libdsk-1.5.9+dfsg/lib/compdskf.h
Examining data/libdsk-1.5.9+dfsg/lib/drvdos32.h
Examining data/libdsk-1.5.9+dfsg/lib/dskstat.c
Examining data/libdsk-1.5.9+dfsg/lib/dskread.c
Examining data/libdsk-1.5.9+dfsg/lib/drvint25.c
Examining data/libdsk-1.5.9+dfsg/lib/dsktread.c
Examining data/libdsk-1.5.9+dfsg/lib/drvwin16.c
Examining data/libdsk-1.5.9+dfsg/lib/rpcfossl.c
Examining data/libdsk-1.5.9+dfsg/lib/dskrtrd.c
Examining data/libdsk-1.5.9+dfsg/lib/crctable.h
Examining data/libdsk-1.5.9+dfsg/lib/drvposix.h
Examining data/libdsk-1.5.9+dfsg/lib/drvdos16.c
Examining data/libdsk-1.5.9+dfsg/lib/comp.h
Examining data/libdsk-1.5.9+dfsg/lib/drvcpcem.c
Examining data/libdsk-1.5.9+dfsg/lib/drvqm.h
Examining data/libdsk-1.5.9+dfsg/lib/drvnwasp.h
Examining data/libdsk-1.5.9+dfsg/lib/rpcpack.c
Examining data/libdsk-1.5.9+dfsg/lib/rpcwin32.c
Examining data/libdsk-1.5.9+dfsg/lib/compsq.h
Examining data/libdsk-1.5.9+dfsg/lib/rpcfossl.h
Examining data/libdsk-1.5.9+dfsg/lib/w16defs.h
Examining data/libdsk-1.5.9+dfsg/lib/w95defs.h
Examining data/libdsk-1.5.9+dfsg/lib/drvi.h
Examining data/libdsk-1.5.9+dfsg/lib/dskopen.c
Examining data/libdsk-1.5.9+dfsg/lib/compgz.c
Examining data/libdsk-1.5.9+dfsg/lib/drvdos16.h
Examining data/libdsk-1.5.9+dfsg/lib/drvqrst.c
Examining data/libdsk-1.5.9+dfsg/lib/drvjv3.h
Examining data/libdsk-1.5.9+dfsg/lib/ldbs.h
Examining data/libdsk-1.5.9+dfsg/lib/crc16.h
Examining data/libdsk-1.5.9+dfsg/lib/dskdirty.c
Examining data/libdsk-1.5.9+dfsg/lib/drvydsk.h
Examining data/libdsk-1.5.9+dfsg/lib/dskiconv.c
Examining data/libdsk-1.5.9+dfsg/lib/ldbs.c
Examining data/libdsk-1.5.9+dfsg/lib/drvlogi.h
Examining data/libdsk-1.5.9+dfsg/lib/drvcpcem.h
Examining data/libdsk-1.5.9+dfsg/lib/rpcfuncs.h
Examining data/libdsk-1.5.9+dfsg/lib/drvnwasp.c
Examining data/libdsk-1.5.9+dfsg/lib/drvntwdm.h
Examining data/libdsk-1.5.9+dfsg/lib/dsksgeom.c
Examining data/libdsk-1.5.9+dfsg/lib/compi.h
Examining data/libdsk-1.5.9+dfsg/lib/rpcfork.h
Examining data/libdsk-1.5.9+dfsg/lib/drvjv3.c
Examining data/libdsk-1.5.9+dfsg/lib/compress.c
Examining data/libdsk-1.5.9+dfsg/lib/drv.h
Examining data/libdsk-1.5.9+dfsg/lib/drvydsk.c
Examining data/libdsk-1.5.9+dfsg/lib/drvadisk.h
Examining data/libdsk-1.5.9+dfsg/lib/rpctios.c
Examining data/libdsk-1.5.9+dfsg/lib/dskcmt.c
Examining data/libdsk-1.5.9+dfsg/lib/drvimd.h
Examining data/libdsk-1.5.9+dfsg/lib/drvwin32.c
Examining data/libdsk-1.5.9+dfsg/lib/drvlogi.c
Examining data/libdsk-1.5.9+dfsg/lib/rpccli.c
Examining data/libdsk-1.5.9+dfsg/tools/dskscan.c
Examining data/libdsk-1.5.9+dfsg/tools/forkslave.c
Examining data/libdsk-1.5.9+dfsg/tools/dsktrans.c
Examining data/libdsk-1.5.9+dfsg/tools/dskform.c
Examining data/libdsk-1.5.9+dfsg/tools/apriboot.h
Examining data/libdsk-1.5.9+dfsg/tools/dskid.c
Examining data/libdsk-1.5.9+dfsg/tools/crc16.c
Examining data/libdsk-1.5.9+dfsg/tools/check2.c
Examining data/libdsk-1.5.9+dfsg/tools/serslave.c
Examining data/libdsk-1.5.9+dfsg/tools/check3.c
Examining data/libdsk-1.5.9+dfsg/tools/dskdump.c
Examining data/libdsk-1.5.9+dfsg/tools/bootsec.c
Examining data/libdsk-1.5.9+dfsg/tools/md3serial.c
Examining data/libdsk-1.5.9+dfsg/tools/utilopts.c
Examining data/libdsk-1.5.9+dfsg/tools/apriboot.c
Examining data/libdsk-1.5.9+dfsg/tools/utilopts.h
Examining data/libdsk-1.5.9+dfsg/tools/dskutil.c
Examining data/libdsk-1.5.9+dfsg/tools/formname.c
Examining data/libdsk-1.5.9+dfsg/tools/crc16.h
Examining data/libdsk-1.5.9+dfsg/tools/dskconv.c
Examining data/libdsk-1.5.9+dfsg/tools/check1.c
Examining data/libdsk-1.5.9+dfsg/tools/dsktest.c
Examining data/libdsk-1.5.9+dfsg/tools/formname.h
Examining data/libdsk-1.5.9+dfsg/include/libdsk.h
Examining data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c
Examining data/libdsk-1.5.9+dfsg/rpcserv/resource.h
Examining data/libdsk-1.5.9+dfsg/rpcserv/aboutbox.c
Examining data/libdsk-1.5.9+dfsg/rpcserv/mailslot.h
Examining data/libdsk-1.5.9+dfsg/rpcserv/ldserver.h
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c
Examining data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbscopy.c
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbs.h
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbs.c
Examining data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c
FINAL RESULTS:
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:943:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(rcpmfs_mkname(self, realname), attrs))
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:313:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, filename);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:292:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/ldbsXXXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:293:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
else sprintf(tmpdir, TMPDIR "/ldbsXXXXXXXX");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:298:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->filename, tmpdir);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:303:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/LBXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:307:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->filename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:307:25: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
strcpy(self->filename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:595:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.filename, filename);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:693:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.filename, filename);
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:248:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target, filename);
data/libdsk-1.5.9+dfsg/lib/compress.c:78:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "Checking compression: %s...", cc->cc_description);
data/libdsk-1.5.9+dfsg/lib/compress.c:294:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/libdskdXXXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/lib/compress.c:295:15: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
else sprintf(tmpdir, TMPDIR "/libdskXXXXXXXX");
data/libdsk-1.5.9+dfsg/lib/compress.c:300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->cd_ufilename, tmpdir);
data/libdsk-1.5.9+dfsg/lib/compress.c:305:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/LDXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/lib/compress.c:308:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->cd_ufilename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/lib/compress.c:308:32: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
strcpy(self->cd_ufilename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:444:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)buf + 16, cmt);
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:436:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (extended) strcpy((char *)dskhead,
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:438:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy((char *)dskhead,
data/libdsk-1.5.9+dfsg/lib/drvimd.c:122:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "IMD LibDsk %s: %02d/%02d/%04d %02d:%02d:%02d\r\n",
data/libdsk-1.5.9+dfsg/lib/drvqm.c:570:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(qm_self->qm_filename, filename);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:709:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(qm_self->qm_filename, filename);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1013:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *) &header[QM_H_DESCR], "%dK %s-Sided", tmp,
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:90:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define RTRACE(x) printf x
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:306:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, rcpmfs_mkname(self, oldname));
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:307:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, rcpmfs_mkname(self, newname));
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:414:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempbuf, "%s=%s", variable, value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:772:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, map_entry);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1087:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(findpath, rcpmfs_mkname(self, "*.*"));
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1692:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, self->rc_namemap+ NAMEMAP_ENTRYSIZE* entryno);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1740:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realname, self->rc_namemap+ NAMEMAP_ENTRYSIZE* entryno);
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:342:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(vname, "\\\\.\\%s", filename);
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:1045:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)(buf+2), w32self->w32_slotname);
data/libdsk-1.5.9+dfsg/lib/dskcmt.c:30:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/libdsk-1.5.9+dfsg/lib/dskcmt.c:44:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->dr_comment, comment);
data/libdsk-1.5.9+dfsg/lib/dskpars.c:67:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(opt->do_name, name);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:99:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, result);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:107:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, result);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:156:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:169:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pw->pw_dir);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:187:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:248:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:306:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(description, value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:446:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(formname, linebuf+1);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:461:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)pg->name, formname);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:462:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)pg->desc, formdesc);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:493:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s", path, "libdskrc");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:509:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s", path, ".libdskrc");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:292:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/ldbsXXXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:293:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
else sprintf(tmpdir, TMPDIR "/ldbsXXXXXXXX");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:298:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->filename, tmpdir);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:303:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (tdir) sprintf(tmpdir, "%s/LBXXXXXX", tdir);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:307:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->filename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:307:25: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
strcpy(self->filename, mktemp(tmpdir));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:595:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.filename, filename);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:693:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp.filename, filename);
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:68:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nameout, comma + 1);
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:92:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp(self->filename, self->filename, NULL);
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:243:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (sep) strcpy(nameout, sep + 1);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:129:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (sep) strcpy(nameout, sep + 1);
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:125:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (sep) strcpy(nameout, sep + 1);
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:409:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "Ref count = %d Status = %s", nRefCount, busy ? "Active " : "Waiting ");
data/libdsk-1.5.9+dfsg/tools/dskid.c:247:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s:", comment + 3);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:457:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (infile) strcpy(infile, argv[1]);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:464:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(infile, argv[1]);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:523:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bufcopy, buffer);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:542:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, bufcopy);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:761:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, cmd);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:782:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(infile, name);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:797:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy(infile, name);
data/libdsk-1.5.9+dfsg/tools/serslave.c:108:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, name);
data/libdsk-1.5.9+dfsg/tools/serslave.c:300:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, name);
data/libdsk-1.5.9+dfsg/tools/serslave.c:531:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, name);
data/libdsk-1.5.9+dfsg/tools/utilopts.c:167:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(st_cmt, s);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:254:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(ldbs_peek2(s));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:278:14: [3] (tmpfile) GetTempFileName:
Temporary file race condition in certain cases (e.g., if run as SYSTEM in
many versions of Windows) (CWE-377).
if (!GetTempFileName(tmpdir, "ldbs", 0, self->filename))
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:291:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMPDIR");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:301:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMP");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:302:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!tdir) tdir = getenv("TEMP");
data/libdsk-1.5.9+dfsg/lib/compress.c:280:14: [3] (tmpfile) GetTempFileName:
Temporary file race condition in certain cases (e.g., if run as SYSTEM in
many versions of Windows) (CWE-377).
if (!GetTempFileName(tmpdir, "dsk", 0, self->cd_ufilename))
data/libdsk-1.5.9+dfsg/lib/compress.c:293:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMPDIR");
data/libdsk-1.5.9+dfsg/lib/compress.c:303:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMP");
data/libdsk-1.5.9+dfsg/lib/compress.c:304:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!tdir) tdir = getenv("TEMP");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:153:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv("HOME");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:184:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *s = getenv("HOME");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:238:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *s = getenv("LIBDSK");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:254:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(ldbs_peek2(s));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:278:14: [3] (tmpfile) GetTempFileName:
Temporary file race condition in certain cases (e.g., if run as SYSTEM in
many versions of Windows) (CWE-377).
if (!GetTempFileName(tmpdir, "ldbs", 0, self->filename))
data/libdsk-1.5.9+dfsg/lib/ldbs.c:291:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMPDIR");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:301:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tdir = getenv("TMP");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:302:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!tdir) tdir = getenv("TEMP");
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:39:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dsk_header[256];
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:70:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char alle5[10] = { 0xE5, 0xE5, 0xE5, 0xE5, 0xE5,
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block_id[4];
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:316:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (dot) strcpy(dot, ".ldbs");
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:317:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(target, ".ldbs");
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:320:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpi = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:353:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator[15];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:141:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char FREEBLOCK[4] = {0,0,0,0};
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:142:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char USEDBLOCK[4] = {0,1,0,1};
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpdir[PATH_MAX];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:284:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->fp = fopen(self->filename, "w+b");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:295:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tmpdir);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:304:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(tmpdir, "./LBXXXXXX");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:313:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(self->filename, "rb");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:325:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->fp = fopen(self->filename, "w+b");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:385:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[HEADER_LEN];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->header.magic, header, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->header.subtype, header + 4, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:415:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:423:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh, ptr, sizeof(LDBS_BLOCKHEAD));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:440:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh->magic, header, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:441:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh->type, header + 4, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:452:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[HEADER_LEN];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:465:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, self->header.magic, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:466:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + 4, self->header.subtype, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:483:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:490:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, bh, sizeof(LDBS_BLOCKHEAD));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:499:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, LDBS_BLOCKHEAD_MAGIC, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:500:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + 4, bh->type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + sizeof(LDBS_BLOCKHEAD), data, len);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char st[5];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(st, type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:586:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:612:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.header.magic, LDBS_HEADER_MAGIC, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:613:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.header.subtype, st, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:649:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pres, &temp, sizeof(LDBS));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:679:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:684:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:738:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, temp.header.subtype, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:740:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pres, &temp, sizeof(LDBS));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:882:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_blockinfo(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:901:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:914:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:933:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:949:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:969:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1014:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1024:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1046:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tb[5];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1051:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tb, type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1055:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tb, USEDBLOCK, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1142:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, tb, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, tb, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_type[5];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1217:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, t, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1221:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, USEDBLOCK, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1379:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, FREEBLOCK, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1600:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->header.subtype, source->header.subtype, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1623:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1650:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->header.subtype, source->header.subtype, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1730:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copy->entry, self->dir->entry,
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirtype[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1772:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dir->entry[n].id, ptr, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1808:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 2 + 8 * count, dir->entry[n].id, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1828:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:1935:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2085:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->dir->entry[n].id,
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2107:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_add(LDBS_TRACKDIR **dir, const char type[4], LDBLOCKID blockid)
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dir[0]->entry[n].id, type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d2->entry[d2->count].id, type, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2204:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_asciiz(PLDBS self, const char type[4], char **buffer)
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2276:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[15];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2319:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[15];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2345:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[17];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2388:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[17];
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; /* Magic number, 'LBS\1' */
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subtype[4]; /* File subtype, set by ldbs_new() */
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; /* Magic number, "LDB\1' */
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4]; /* Block type, set by ldbs_addblock()
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; /* Object identifier */
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:254:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char al[2]; /* Directory allocation bitmap */
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:284:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_new(PLDBS *result, const char *filename, const char type[4]);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:284:63: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_new(PLDBS *result, const char *filename, const char type[4]);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:305:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_open(PLDBS *result, const char *filename, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:305:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_open(PLDBS *result, const char *filename, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:341:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_blockinfo(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:377:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:510:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ldbs_encode_trackid(char trackid[4], dsk_pcyl_t cylinder, dsk_phead_t head);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:514:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ldbs_decode_trackid(const char trackid[4], dsk_pcyl_t *cylinder, dsk_phead_t *head);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:517:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ldbs_encode_secid(char secid[4], dsk_pcyl_t cylinder, dsk_phead_t head,
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:521:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ldbs_decode_secid(const char secid[4], dsk_pcyl_t *cylinder,
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:587:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock_d(PLDBS self, const char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:638:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_putblock_d(PLDBS self, const char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:683:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_add(LDBS_TRACKDIR **dir, const char type[4],
data/libdsk-1.5.9+dfsg/LDBS/ldbs.h:702:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_find(LDBS_TRACKDIR *dir, const char type[4], LDBLOCKID *result);
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:40:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dsk_header[256];
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:54:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char trackinfo[2304];
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:61:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)trackinfo, "Track-Info\r\n");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:166:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:228:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:251:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (dot) strcpy(dot, ".dsk");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:252:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
else strcat(target, ".dsk");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:307:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)dsk_header, "MV - CPCEMU Disk-File\r\nDisk-Info\r\n");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:312:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)dsk_header, "EXTENDED CPC DSK File\r\nDisk-Info\r\n");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:336:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpo = fopen(target, "w+b");
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:355:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(offset_rec, "Offset-Info\r\n", 14);
data/libdsk-1.5.9+dfsg/LDBS/ldbscopy.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:71:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockhead[20];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead + 4, 4);
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[75], txt[17];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:152:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hex + strlen(hex), "%02x ", data[n]);
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[20];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:282:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockhead[20];
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:286:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/libdsk-1.5.9+dfsg/lib/compbz2.c:47:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bzin[3];
data/libdsk-1.5.9+dfsg/lib/compbz2.c:110:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(self->cd_ufilename, "rb");
data/libdsk-1.5.9+dfsg/lib/compdskf.c:119:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(self->cd_ufilename, "rb");
data/libdsk-1.5.9+dfsg/lib/compgz.c:48:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uzin[2];
data/libdsk-1.5.9+dfsg/lib/compgz.c:102:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(self->cd_ufilename, "rb");
data/libdsk-1.5.9+dfsg/lib/compress.c:258:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fp = fopen(self->cd_cfilename, "r+b");
data/libdsk-1.5.9+dfsg/lib/compress.c:262:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(*fp) = fopen(self->cd_cfilename, "rb");
data/libdsk-1.5.9+dfsg/lib/compress.c:273:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpdir[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/compress.c:286:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fp = fopen(self->cd_ufilename, "wb");
data/libdsk-1.5.9+dfsg/lib/compress.c:297:10: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tmpdir);
data/libdsk-1.5.9+dfsg/lib/compress.c:306:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(tmpdir, "./LDXXXXXX");
data/libdsk-1.5.9+dfsg/lib/compress.c:309:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp[0] = fopen(self->cd_ufilename, "wb");
data/libdsk-1.5.9+dfsg/lib/compsq.c:627:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sq_self->fp_in = fopen(self->cd_ufilename, "rb");
data/libdsk-1.5.9+dfsg/lib/compsq.c:628:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sq_self->fp_out = fopen(self->cd_cfilename, "wb");
data/libdsk-1.5.9+dfsg/lib/compsq.c:675:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (ss) memcpy(ss, ".DSK", 4);
data/libdsk-1.5.9+dfsg/lib/compsq.c:679:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (ss) memcpy(ss, ".dsk", 4);
data/libdsk-1.5.9+dfsg/lib/compsq.h:66:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char huf_bits[65];
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:176:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char d_code[256] = {
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:211:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char d_len[256] = {
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:531:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char head[12];
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:581:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[12];
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:733:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BLKSZ];
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:738:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if((fp = open(argv[1],O_RDONLY|O_BINARY)) == EOF)
data/libdsk-1.5.9+dfsg/lib/comptlzh.h:61:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[TLZH_BUFSZ]; // input buffer
data/libdsk-1.5.9+dfsg/lib/comptlzh.h:62:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[TLZH_BUFSZ]; // output buffer
data/libdsk-1.5.9+dfsg/lib/comptlzh.h:64:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text_buf[TLZH_N + TLZH_F - 1];
data/libdsk-1.5.9+dfsg/lib/drv.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char do_name[1];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:56:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char adisk_wmagic[128] =
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:76:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:330:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[128];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:331:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magbuf[4];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:337:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:341:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:405:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:594:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
adiskself->adisk_fp = fopen(adiskself->adisk_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:105:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udp, cdp, blklen);
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:216:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:299:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wrptr + 2, rdbase, blklen);
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:326:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wrptr + 2, rdbase, blklen);
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:355:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:359:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:415:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:466:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cfiself->cfi_fp = fopen(cfiself->cfi_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:538:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, secbuf, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:560:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf, buf, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block_id[4];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:267:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dskhead[256];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:268:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char trkhead[256];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:273:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[15];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:281:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpc_self->cpc_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:285:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpc_self->cpc_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:449:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dskhead[256];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:455:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpc_self->cpc_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:502:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char trackinfo[2304];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:509:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)trackinfo, "Track-Info\r\n");
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:622:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:680:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dskhead[256];
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:751:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cpc_self->cpc_fp = fopen(cpc_self->cpc_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvcpcem.c:798:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(offset_rec, "Offset-Info\r\n", 14);
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:170:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char new_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:195:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:230:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:270:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:348:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:160:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char new_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:184:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:213:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:248:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:321:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvdskf.c:80:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dskfself->dskf_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvdskf.c:84:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dskfself->dskf_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvdskf.h:33:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dskf_header[40];
data/libdsk-1.5.9+dfsg/lib/drvimd.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/libdsk-1.5.9+dfsg/lib/drvimd.c:285:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvimd.c:393:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvimd.c:397:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvimd.c:533:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvimd.c:774:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
imdself->imd_fp = fopen(imdself->imd_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvint25.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvint25.c:403:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bpb[92];
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:173:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1024];
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:176:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:180:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:256:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:302:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1024];
data/libdsk-1.5.9+dfsg/lib/drvjv3.c:372:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->jv3_fp = fopen(self->jv3_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvjv3.h:47:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jv3_header[JV3_HEADER_LEN];
data/libdsk-1.5.9+dfsg/lib/drvldbs.c:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/drvldbs.c:526:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbtype[4];
data/libdsk-1.5.9+dfsg/lib/drvldbs.c:551:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, secbuf + offset, size_actual);
data/libdsk-1.5.9+dfsg/lib/drvldbs.c:654:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/drvldbs.c:893:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(geom, &stats.dg, sizeof(*geom));
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&self->lx_geom, dg, sizeof(*dg));
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:190:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lxself->lx_fd = open(filename, O_NONBLOCK | O_RDWR);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:194:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lxself->lx_fd = open(filename, O_NONBLOCK | O_RDONLY);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:289:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:353:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:411:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:456:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:491:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.c:570:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lxself->lx_status, raw_cmd.reply, 4);
data/libdsk-1.5.9+dfsg/lib/drvlinux.h:36:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lx_status[4];
data/libdsk-1.5.9+dfsg/lib/drvlogi.c:74:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lpxself->lpx_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvlogi.c:78:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lpxself->lpx_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvlogi.c:100:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lpxself->lpx_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvlogi.c:279:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bootblock[512];
data/libdsk-1.5.9+dfsg/lib/drvlogi.c:368:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:68:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[256];
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:75:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mzself->mz_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:79:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mzself->mz_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:123:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mzself->mz_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:189:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)buf)[aread++] = 0xE5;
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:352:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1024];
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libdsk-1.5.9+dfsg/lib/drvmyz80.c:445:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1024];
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:117:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&self->nt_geom, dg, sizeof(*dg));
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:142:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(vname, "\\\\.\\fdraw%u", tolower(filename[0])-'a');
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:260:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, iobuffer, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:322:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iobuffer, buf, sector_size);
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:519:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, iobuffer, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:79:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nwself->nw_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:83:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nwself->nw_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:105:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nwself->nw_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:325:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[512];
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:391:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libdsk-1.5.9+dfsg/lib/drvnwasp.c:424:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[512];
data/libdsk-1.5.9+dfsg/lib/drvposix.c:140:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pxself->px_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvposix.c:144:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pxself->px_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvposix.c:181:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pxself->px_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvposix.c:410:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bootblock[512];
data/libdsk-1.5.9+dfsg/lib/drvposix.c:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:260:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:401:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sector_id[4];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:460:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rlbuf[2];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:544:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[QM_HEADER_SIZE];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:555:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:559:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:648:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(u8cmt, "[%04d-%02d-%02dT%02d:%02d:%02d] ",
data/libdsk-1.5.9+dfsg/lib/drvqm.c:686:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[QM_HEADER_SIZE];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:696:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:715:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *) &header[QM_H_BASE], "CQ\x14"); /* Signature */
data/libdsk-1.5.9+dfsg/lib/drvqm.c:716:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *) &header[QM_H_DESCR], "0K CQM floppy image");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:811:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + QM_H_SECSIZE, dosbpb, len);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:905:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + QM_H_LABEL, dirbuf + 32 * n,
data/libdsk-1.5.9+dfsg/lib/drvqm.c:924:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[QM_HEADER_SIZE];
data/libdsk-1.5.9+dfsg/lib/drvqm.c:989:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(qm_self->qm_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1017:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *) &header[QM_H_LABEL], "%.*s", QM_H_LBL_SIZE, "** NONE ** ");
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1020:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *) &header[QM_H_BASE], "CQ\x14"); /* Signature */
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1191:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(trk_buf, ucmt, len);
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:158:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[796];
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:164:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chbuf[3];
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sectype[4];
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:179:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:183:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:235:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(comment, "\r\n");
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:410:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:452:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + dptr + 1, src + pos, n - pos);
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:520:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char trkh[5]; /* QRST track header */
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:614:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[796];
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:618:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char volinfo[2];
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:654:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, "QRST", 5);
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:750:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
qrself->qrst_fp = fopen(qrself->qrst_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:224:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX + 20];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[PATH_MAX + 20];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[PATH_MAX + 20];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:334:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest, "%02d..", dirent[0]);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[160];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:378:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(variable, "blocksize") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:379:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->rc_blocksize = atoi(value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:380:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(variable, "dirblocks") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:381:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->rc_dirblocks = atoi(value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:382:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(variable, "totalblocks") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:383:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->rc_totalblocks = atoi(value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:385:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->rc_systracks = atoi(value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:386:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(variable, "version") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:387:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->rc_fsversion = atoi(value);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:468:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[160];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:538:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcb->rcb_data, data, self->rc_geom.dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:546:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcb->rcb_data, data, self->rc_geom.dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:600:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(pathname, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:601:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fp) fp = fopen(pathname, "wb");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:644:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uid = atoi(name);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:762:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->rc_sectorbuf, rcb->rcb_data,
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:778:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry, self->rc_sectorbuf + 32 * entryno, 32);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:824:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->rc_sectorbuf, rcb->rcb_data,
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:836:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->rc_sectorbuf + 32 * entryno, entry, 32);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:846:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char timestamp[42];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:892:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char entry[32];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:960:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char label[32];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1041:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char findpath[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1045:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char findpath[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1050:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cpm_dirent[32];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1283:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1359:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1368:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "w");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1431:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fnbuf[20];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1579:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buffer, rcself->rc_geom.dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1584:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(rcpmfs_mkname(rcself, filename), "rb");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1603:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)buf)[fr++] = 0x1A;
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char realname[17], newname[17];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1651:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char entry[32];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1679:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(rcpmfs_mkname(self, realname), "wb");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1920:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, buf, rcself->rc_geom.dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1930:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, buf, rcself->rc_geom.dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:2000:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rcself->rc_geom, geom, sizeof(DSK_GEOMETRY));
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:2003:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "w");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:2107:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(geom, &rcself->rc_geom, sizeof(DSK_GEOMETRY));
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:2139:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "w");
data/libdsk-1.5.9+dfsg/lib/drvrcpm.h:38:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rcb_data[1];
data/libdsk-1.5.9+dfsg/lib/drvrcpm.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rc_dir[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[66];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:88:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1030];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:99:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvsap.c:103:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvsap.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:286:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvsap.c:367:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[1030];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:450:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[66];
data/libdsk-1.5.9+dfsg/lib/drvsap.c:481:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sapself->sap_fp = fopen(sapself->sap_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvsap.c:498:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + 1, sap_magic, 65);
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:91:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
simh_self->simh_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:95:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
simh_self->simh_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:128:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
simh_self->simh_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:183:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)buf)[aread++] = 0xE5;
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:188:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char trailer[4] = { 0xE5, 0xE5, 0xE5, 0xE5 };
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:348:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[128];
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:416:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libdsk-1.5.9+dfsg/lib/drvsimh.c:447:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[128];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char secid[4];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:198:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + pos, pattern, plen);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:209:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + pos, pattern,wleft);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:210:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(secbuf + pos, pattern, 1 << ptype);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:257:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[12];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:260:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->tele_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvtele.c:264:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->tele_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvtele.c:280:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->tele_head.magic, header, 2);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:370:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ucomment, "[%04d-%02d-%02dT%02d:%02d:%02d] ",
data/libdsk-1.5.9+dfsg/lib/drvtele.c:500:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[12];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:503:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->tele_fp = fopen(filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvtele.c:633:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + dptr + 2, src, patlen);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:685:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thead[4];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:795:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secdata + 9, secdata + seclen + 9, complen);
data/libdsk-1.5.9+dfsg/lib/drvtele.c:827:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[12];
data/libdsk-1.5.9+dfsg/lib/drvtele.c:995:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->tele_fp = fopen(self->tele_filename, "wb");
data/libdsk-1.5.9+dfsg/lib/drvtele.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[3];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:284:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char new_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:309:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:344:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:384:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:462:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char old_dpt[11];
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:76:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[1024];
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:432:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, iobuffer, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:479:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iobuffer, buf, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:566:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:649:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vname[20];
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:1047:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+2+buflen, input, inp_len);
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:1084:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(w32self->w32_slotname, "\\\\.\\mailslot\\%08x", n);
data/libdsk-1.5.9+dfsg/lib/drvwin32.h:34:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char w32_slotname[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:159:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ydsk_self->ydsk_fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:163:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ydsk_self->ydsk_fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:196:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ydsk_self->ydsk_fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:202:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ydsk_self->ydsk_header, "<CPM_Disk>", 10);
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:265:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)buf)[aread++] = 0xE5;
data/libdsk-1.5.9+dfsg/lib/drvydsk.c:628:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libdsk-1.5.9+dfsg/lib/drvydsk.h:32:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ydsk_header[128];
data/libdsk-1.5.9+dfsg/lib/dskgeom.c:589:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char alle5[10] = { 0xE5, 0xE5, 0xE5, 0xE5, 0xE5,
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:30:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char cp437[129][4] =
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:223:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
l = strlen((char *)cp437[sc - 0x7f]);
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:225:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!append((char *)cp437[sc - 0x7f], l, dst, &dpos, &limit))
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:246:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!strcmp((char *)cp437[n], (char *)t)) return 127 + n;
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:261:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char token[5];
data/libdsk-1.5.9+dfsg/lib/dskread.c:51:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/dskread.c:51:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/dskread.c:103:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/dskread.c:103:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:95:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:118:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:149:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:183:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:201:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX + 8];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:229:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "share/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:237:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[160];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:265:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dg, &stdg[0].dg, sizeof(*dg));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:320:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "cylinders") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:321:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_cylinders = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:322:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "heads") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:323:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_heads = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:324:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "sectors") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:325:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_sectors = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:327:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_secbase = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:328:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "secsize") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:329:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_secsize = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:338:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "rwgap") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:339:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_rwgap = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:340:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strcmp(linebuf, "fmtgap") && atoi(value))
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:341:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dg->dg_fmtgap = atoi(value);
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[160];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:428:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formname[160];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formdesc[160];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:457:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pg, &ng, sizeof(ng));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:494:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf, "r");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:510:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(buf, "r");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:547:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (self) memcpy(self, &cg->dg, sizeof(*self));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:553:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (self) memcpy(self, &stdg[idx].dg, sizeof(*self));
data/libdsk-1.5.9+dfsg/lib/dsktread.c:50:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[sec] = ~((char *)buf)[sec];
data/libdsk-1.5.9+dfsg/lib/dsktread.c:50:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[sec] = ~((char *)buf)[sec];
data/libdsk-1.5.9+dfsg/lib/dsktread.c:108:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[sec] = ~((char *)buf)[sec];
data/libdsk-1.5.9+dfsg/lib/dsktread.c:108:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)buf)[sec] = ~((char *)buf)[sec];
data/libdsk-1.5.9+dfsg/lib/dsktrkid.c:61:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char found[256];
data/libdsk-1.5.9+dfsg/lib/dsktrkid.c:89:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&headers[lcount], &fmt, sizeof(fmt));
data/libdsk-1.5.9+dfsg/lib/dsktrkid.c:100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*results, headers, lcount * sizeof(DSK_FORMAT)) ;
data/libdsk-1.5.9+dfsg/lib/dskwrite.c:52:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
inv_buf[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/dskwrite.c:117:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
inv_buf[m] = ~((char *)buf)[m];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:141:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char FREEBLOCK[4] = {0,0,0,0};
data/libdsk-1.5.9+dfsg/lib/ldbs.c:142:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char USEDBLOCK[4] = {0,1,0,1};
data/libdsk-1.5.9+dfsg/lib/ldbs.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpdir[PATH_MAX];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:284:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->fp = fopen(self->filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:295:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tmpdir);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:304:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(tmpdir, "./LBXXXXXX");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:313:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(self->filename, "rb");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:325:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->fp = fopen(self->filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:385:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[HEADER_LEN];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->header.magic, header, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->header.subtype, header + 4, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:415:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:423:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh, ptr, sizeof(LDBS_BLOCKHEAD));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:440:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh->magic, header, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:441:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bh->type, header + 4, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:452:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[HEADER_LEN];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:465:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, self->header.magic, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:466:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + 4, self->header.subtype, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:483:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:490:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, bh, sizeof(LDBS_BLOCKHEAD));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:499:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header, LDBS_BLOCKHEAD_MAGIC, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:500:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header + 4, bh->type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + sizeof(LDBS_BLOCKHEAD), data, len);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char st[5];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(st, type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:586:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "w+b");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:612:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.header.magic, LDBS_HEADER_MAGIC, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:613:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp.header.subtype, st, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:649:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pres, &temp, sizeof(LDBS));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:679:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "r+b");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:684:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp.fp = fopen(filename, "rb");
data/libdsk-1.5.9+dfsg/lib/ldbs.c:738:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, temp.header.subtype, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:740:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pres, &temp, sizeof(LDBS));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:882:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_blockinfo(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.c:901:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:914:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.c:933:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:949:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:969:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1014:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, blockhead.type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1024:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*data, src + sizeof(LDBS_BLOCKHEAD), *len);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1046:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tb[5];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1051:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tb, type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1055:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tb, USEDBLOCK, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1142:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, tb, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, tb, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_type[5];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1217:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, t, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1221:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(type, USEDBLOCK, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BLOCKHEAD_LEN];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1379:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blockhead.type, FREEBLOCK, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1600:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->header.subtype, source->header.subtype, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1623:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1650:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->header.subtype, source->header.subtype, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1730:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copy->entry, self->dir->entry,
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirtype[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1772:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dir->entry[n].id, ptr, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1808:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 2 + 8 * count, dir->entry[n].id, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1828:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:1935:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2085:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->dir->entry[n].id,
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2107:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_add(LDBS_TRACKDIR **dir, const char type[4], LDBLOCKID blockid)
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dir[0]->entry[n].id, type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d2->entry[d2->count].id, type, 4);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2204:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_asciiz(PLDBS self, const char type[4], char **buffer)
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2276:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[15];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2319:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[15];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2345:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[17];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4];
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2388:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[17];
data/libdsk-1.5.9+dfsg/lib/ldbs.h:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; /* Magic number, 'LBS\1' */
data/libdsk-1.5.9+dfsg/lib/ldbs.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subtype[4]; /* File subtype, set by ldbs_new() */
data/libdsk-1.5.9+dfsg/lib/ldbs.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; /* Magic number, "LDB\1' */
data/libdsk-1.5.9+dfsg/lib/ldbs.h:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4]; /* Block type, set by ldbs_addblock()
data/libdsk-1.5.9+dfsg/lib/ldbs.h:185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; /* Object identifier */
data/libdsk-1.5.9+dfsg/lib/ldbs.h:254:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char al[2]; /* Directory allocation bitmap */
data/libdsk-1.5.9+dfsg/lib/ldbs.h:284:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_new(PLDBS *result, const char *filename, const char type[4]);
data/libdsk-1.5.9+dfsg/lib/ldbs.h:284:63: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_new(PLDBS *result, const char *filename, const char type[4]);
data/libdsk-1.5.9+dfsg/lib/ldbs.h:305:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_open(PLDBS *result, const char *filename, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:305:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_open(PLDBS *result, const char *filename, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:341:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_get_blockinfo(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:377:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock(PLDBS self, LDBLOCKID blockid, char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:510:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ldbs_encode_trackid(char trackid[4], dsk_pcyl_t cylinder, dsk_phead_t head);
data/libdsk-1.5.9+dfsg/lib/ldbs.h:514:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ldbs_decode_trackid(const char trackid[4], dsk_pcyl_t *cylinder, dsk_phead_t *head);
data/libdsk-1.5.9+dfsg/lib/ldbs.h:517:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ldbs_encode_secid(char secid[4], dsk_pcyl_t cylinder, dsk_phead_t head,
data/libdsk-1.5.9+dfsg/lib/ldbs.h:521:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int ldbs_decode_secid(const char secid[4], dsk_pcyl_t *cylinder,
data/libdsk-1.5.9+dfsg/lib/ldbs.h:587:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_getblock_d(PLDBS self, const char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:638:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_putblock_d(PLDBS self, const char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:683:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_add(LDBS_TRACKDIR **dir, const char type[4],
data/libdsk-1.5.9+dfsg/lib/ldbs.h:702:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
dsk_err_t ldbs_trackdir_find(LDBS_TRACKDIR *dir, const char type[4], LDBLOCKID *result);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:36:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[PATH_MAX + 100], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:37:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[20] , *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:59:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[PATH_MAX + 100], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:60:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[20] , *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:83:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[20], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:84:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[20], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:102:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:103:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, geom->dg_secsize);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:128:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:129:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:153:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[LARGEBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:154:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:176:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[300], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:177:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:205:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:206:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:229:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:230:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:251:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:252:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:276:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:277:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:300:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, sector_size);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:312:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[LARGEBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:313:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:340:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:341:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:357:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, geom->dg_secsize * geom->dg_sectors);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:369:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:370:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:388:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, geom->dg_secsize * geom->dg_sectors);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:396:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:399:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char obuf[SMALLBUF];
data/libdsk-1.5.9+dfsg/lib/rpccli.c:427:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:428:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:449:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:450:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[SMALLBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:473:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:476:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char obuf[2*SMALLBUF];
data/libdsk-1.5.9+dfsg/lib/rpccli.c:502:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[2*SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:503:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[2*SMALLBUF];
data/libdsk-1.5.9+dfsg/lib/rpccli.c:531:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:532:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:574:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:575:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[LARGEBUF], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:594:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, buflen);
data/libdsk-1.5.9+dfsg/lib/rpccli.c:606:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ibuf[SMALLBUF], *iptr = ibuf;
data/libdsk-1.5.9+dfsg/lib/rpccli.c:607:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char obuf[400], *optr = obuf;
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:55:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fork_err[2];
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, tmpbuf, *out_len);
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:129:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char crc16tab[512];
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:182:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->portno = atoi(self->filename);
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:215:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->baud = atol(sep);
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:349:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, tmpbuf, *out_len);
data/libdsk-1.5.9+dfsg/lib/rpcpack.c:184:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*output, buf, len);
data/libdsk-1.5.9+dfsg/lib/rpcserv.c:50:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[8192], *pbuf;
data/libdsk-1.5.9+dfsg/lib/rpctios.c:66:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char crc16tab[512];
data/libdsk-1.5.9+dfsg/lib/rpctios.c:83:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->infd = open(self->filename, O_RDONLY | O_NONBLOCK);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:90:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
self->outfd = open(self->filename, O_WRONLY | O_APPEND | O_NONBLOCK);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:119:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->baud = atoi(sep);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:229:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, tmpbuf, *out_len);
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:55:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char crc16tab[512];
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:105:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
self->baud = atoi(sep);
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:225:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, tmpbuf, *out_len);
data/libdsk-1.5.9+dfsg/lib/w16defs.h:16:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char midVolLabel[11]; // volume label for the medium
data/libdsk-1.5.9+dfsg/lib/w16defs.h:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char midFileSysType[8]; // type of file system as 8-byte ASCII
data/libdsk-1.5.9+dfsg/lib/w95defs.h:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char midVolLabel[11]; // volume label for the medium
data/libdsk-1.5.9+dfsg/lib/w95defs.h:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char midFileSysType[8]; // type of file system as 8-byte ASCII
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:37:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[16384], outbuf[16384];
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sErr[128];
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:217:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sErr, "Cannot create mailslot: ");
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:222:31: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case NERR_NetNotStarted: strcat(sErr, "The network is not started.");
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:224:30: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
case ERROR_ALREADY_EXISTS: strcat(sErr, "The mailslot is already in use. "
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:228:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sErr, "Invalid parameter");
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:231:10: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sErr, "Path not found");
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:402:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[50];
data/libdsk-1.5.9+dfsg/tools/bootsec.c:30:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char apri_magic[12] =
data/libdsk-1.5.9+dfsg/tools/bootsec.c:35:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pcd_magic[12] =
data/libdsk-1.5.9+dfsg/tools/bootsec.c:77:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, buf + 0x150, 0xA0); /* Copy in saved sector */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:92:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, apricot_dummy, sizeof(apricot_dummy));
data/libdsk-1.5.9+dfsg/tools/bootsec.c:93:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, buf + 3, 8); /* OEM ID */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:108:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x50, buf + 0x0b, 13); /* BPB */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x144, pcd_magic, sizeof(pcd_magic));
data/libdsk-1.5.9+dfsg/tools/bootsec.c:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x150, buf, 0xA0);
data/libdsk-1.5.9+dfsg/tools/bootsec.c:123:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, sizeof(buf2));
data/libdsk-1.5.9+dfsg/tools/bootsec.c:137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, buf + 0x150, 0xA0); /* Copy in saved sector */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, pcdos_dummy, 3); /* and patch its code to be */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x40, pcdos_dummy + 0x40, 4);
data/libdsk-1.5.9+dfsg/tools/bootsec.c:147:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2, pcdos_dummy, sizeof(pcdos_dummy));
data/libdsk-1.5.9+dfsg/tools/bootsec.c:148:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 3, buf, 8); /* OEM ID */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:149:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x0b, buf + 0x50, 13); /* BPB */
data/libdsk-1.5.9+dfsg/tools/bootsec.c:156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x144, apri_magic, sizeof(apri_magic));
data/libdsk-1.5.9+dfsg/tools/bootsec.c:157:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf2 + 0x150, buf, 0xA0);
data/libdsk-1.5.9+dfsg/tools/bootsec.c:161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, buf2, sizeof(buf2));
data/libdsk-1.5.9+dfsg/tools/check2.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/libdsk-1.5.9+dfsg/tools/check3.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20000];
data/libdsk-1.5.9+dfsg/tools/dskdump.c:69:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (n >= *argc || atoi(argv[n]) == 0)
data/libdsk-1.5.9+dfsg/tools/dskdump.c:74:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr = atoi(argv[n]);
data/libdsk-1.5.9+dfsg/tools/dskform.c:125:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec169 [10] = { 0, 0, 40, 9, 2, 2, 3, 2, 0x2A, 0x52 };
data/libdsk-1.5.9+dfsg/tools/dskform.c:126:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec180 [10] = { 0, 0, 40, 9, 2, 1, 3, 2, 0x2A, 0x52 };
data/libdsk-1.5.9+dfsg/tools/dskform.c:127:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec200 [10] = { 0, 0, 40,10, 2, 1, 3, 3, 0x0C, 0x17 };
data/libdsk-1.5.9+dfsg/tools/dskform.c:128:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec720 [10] = { 3, 0x81, 80, 9, 2, 1, 4, 4, 0x2A, 0x52 };
data/libdsk-1.5.9+dfsg/tools/dskform.c:129:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec800 [10] = { 3, 0x81, 80,10, 2, 1, 4, 4, 0x0C, 0x17 };
data/libdsk-1.5.9+dfsg/tools/dskform.c:311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + 3, "IBM 3.3", 8);
data/libdsk-1.5.9+dfsg/tools/dskform.c:339:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + 39, &tm, 4); /* Volume serial number */
data/libdsk-1.5.9+dfsg/tools/dskform.c:340:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + 43, "NO NAME ", 11);
data/libdsk-1.5.9+dfsg/tools/dskform.c:341:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf + 54, "FAT12 ", 8);
data/libdsk-1.5.9+dfsg/tools/dskform.c:388:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf, "not named ", 11);
data/libdsk-1.5.9+dfsg/tools/dskform.c:433:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bootsec[512];
data/libdsk-1.5.9+dfsg/tools/dskform.c:440:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bootsec, spec180, 10);
data/libdsk-1.5.9+dfsg/tools/dskform.c:444:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bootsec, spec169, 10);
data/libdsk-1.5.9+dfsg/tools/dskform.c:450:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bootsec, spec200, 10);
data/libdsk-1.5.9+dfsg/tools/dskform.c:454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bootsec, spec720, 10);
data/libdsk-1.5.9+dfsg/tools/dskform.c:458:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bootsec, spec800, 10);
data/libdsk-1.5.9+dfsg/tools/dskid.c:236:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/libdsk-1.5.9+dfsg/tools/dskscan.c:68:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (n >= *argc || atoi(argv[n]) == 0)
data/libdsk-1.5.9+dfsg/tools/dskscan.c:73:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr = atoi(argv[n]);
data/libdsk-1.5.9+dfsg/tools/dsktest.c:181:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char spec180 [10] = { 0, 0, 40, 9, 2, 1, 3, 2, 0x2A, 0x52 };
data/libdsk-1.5.9+dfsg/tools/dsktest.c:183:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char secbuf[512];
data/libdsk-1.5.9+dfsg/tools/dsktest.c:184:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char trkbuf[8192];
data/libdsk-1.5.9+dfsg/tools/dsktest.c:284:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf, spec180, sizeof(spec180));
data/libdsk-1.5.9+dfsg/tools/dsktest.c:288:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((char *)secbuf, "Cyl=3 Head=1 Sec=5");
data/libdsk-1.5.9+dfsg/tools/dsktrans.c:75:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (n >= *argc || atoi(argv[n]) == 0)
data/libdsk-1.5.9+dfsg/tools/dsktrans.c:80:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr = atoi(argv[n]);
data/libdsk-1.5.9+dfsg/tools/dsktrans.c:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xbuf[20];
data/libdsk-1.5.9+dfsg/tools/dskutil.c:111:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[1];
data/libdsk-1.5.9+dfsg/tools/dskutil.c:179:36: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*((dsk_sides_t *)(var->data)) = atol(value);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:183:35: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*((dsk_pcyl_t *)(var->data)) = atol(value);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:187:36: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*((dsk_phead_t *)(var->data)) = atol(value);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:191:36: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*((dsk_psect_t *)(var->data)) = atol(value);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:195:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!atol(value))
data/libdsk-1.5.9+dfsg/tools/dskutil.c:202:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int err = new_secsize(atoi(value));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:205:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*((size_t *)(var->data)) = atoi(value);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:386:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (n >= *argc || atoi(argv[n]) == 0)
data/libdsk-1.5.9+dfsg/tools/dskutil.c:391:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr = atoi(argv[n]);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200], bufcopy[200], *c;
data/libdsk-1.5.9+dfsg/tools/dskutil.c:513:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buffer, "x\n");
data/libdsk-1.5.9+dfsg/tools/dskutil.c:520:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (isdigit(*slash)) repeat = atoi(slash);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:643:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(s);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:664:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b->data, secbuf, dg.dg_secsize);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:829:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(s, "wb");
data/libdsk-1.5.9+dfsg/tools/dskutil.c:901:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clipbuf, secbuf, dg.dg_secsize);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:906:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(secbuf, clipbuf, dg.dg_secsize);
data/libdsk-1.5.9+dfsg/tools/forkslave.c:43:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char okay[2] = {0, 0};
data/libdsk-1.5.9+dfsg/tools/forkslave.c:44:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_in[9000];
data/libdsk-1.5.9+dfsg/tools/forkslave.c:45:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_out[9000];
data/libdsk-1.5.9+dfsg/tools/forkslave.c:46:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/libdsk-1.5.9+dfsg/tools/md3serial.c:113:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[8];
data/libdsk-1.5.9+dfsg/tools/md3serial.c:128:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[8];
data/libdsk-1.5.9+dfsg/tools/md3serial.c:129:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sbuf[8];
data/libdsk-1.5.9+dfsg/tools/md3serial.c:132:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)sbuf, "%-7.7s", s);
data/libdsk-1.5.9+dfsg/tools/md3serial.c:150:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/libdsk-1.5.9+dfsg/tools/md3serial.c:170:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+17, scramble((unsigned char *)newser), 7);
data/libdsk-1.5.9+dfsg/tools/serslave.c:57:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char okay[2] = {0, 0};
data/libdsk-1.5.9+dfsg/tools/serslave.c:58:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_in[20000];
data/libdsk-1.5.9+dfsg/tools/serslave.c:59:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_out[20000];
data/libdsk-1.5.9+dfsg/tools/serslave.c:60:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[2];
data/libdsk-1.5.9+dfsg/tools/serslave.c:61:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_h[2];
data/libdsk-1.5.9+dfsg/tools/serslave.c:62:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pkt_t[2];
data/libdsk-1.5.9+dfsg/tools/serslave.c:68:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char crc16tab[512];
data/libdsk-1.5.9+dfsg/tools/serslave.c:112:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infd = open(filename, O_RDONLY | O_NONBLOCK);
data/libdsk-1.5.9+dfsg/tools/serslave.c:119:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfd = open(filename, O_WRONLY | O_APPEND | O_NONBLOCK);
data/libdsk-1.5.9+dfsg/tools/serslave.c:148:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
baud = atol(sep);
data/libdsk-1.5.9+dfsg/tools/serslave.c:333:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
baud = atol(sep);
data/libdsk-1.5.9+dfsg/tools/serslave.c:534:11: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
portno = atol(filename);
data/libdsk-1.5.9+dfsg/tools/serslave.c:567:10: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
baud = atol(sep);
data/libdsk-1.5.9+dfsg/tools/utilopts.c:130:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (n >= *argc || atoi(argv[n]) == 0)
data/libdsk-1.5.9+dfsg/tools/utilopts.c:135:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nr = atoi(argv[n]);
data/libdsk-1.5.9+dfsg/tools/utilopts.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[81];
data/libdsk-1.5.9+dfsg/tools/utilopts.c:193:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[81];
data/libdsk-1.5.9+dfsg/tools/utilopts.c:194:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:299:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *target = malloc(10 + strlen(filename));
data/libdsk-1.5.9+dfsg/LDBS/dsk2ldbs.c:359:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(creator, (char *)(dsk_header + 0x22), 14);
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:320:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = self->filename + strlen(self->filename) - 6;
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:588:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.filename = ldbs_malloc(1 + strlen(filename));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:687:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.filename = ldbs_malloc(1 + strlen(filename));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2252:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(creator));
data/libdsk-1.5.9+dfsg/LDBS/ldbs.c:2268:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(comment));
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:230:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *target = malloc(10 + strlen(filename));
data/libdsk-1.5.9+dfsg/LDBS/ldbs2dsk.c:324:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)dsk_header + 0x22, creator, 14);
data/libdsk-1.5.9+dfsg/LDBS/ldbsdump.c:152:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(hex + strlen(hex), "%02x ", data[n]);
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:63:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[0], "BL0K", test1, 1 + strlen(test1));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:65:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[1], "BL0K", test2, 1 + strlen(test2));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:67:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[2], "BL0K", test3, 1 + strlen(test3));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:72:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[2], "BL0K", test2, strlen(test2));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:78:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[3], "BL0K", test2, 1 + strlen(test2));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:80:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[4], "BL0K", test3, 1 + strlen(test3));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:113:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[0], "BL0K", test1, 1 + strlen(test1));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:115:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[1], "BL0K", test2, 1 + strlen(test2));
data/libdsk-1.5.9+dfsg/LDBS/ldbstest.c:117:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = ldbs_putblock(ldbs, &blkid[2], "BL0K", test3, 1 + strlen(test3));
data/libdsk-1.5.9+dfsg/lib/compbz2.c:117:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(fp)) != EOF)
data/libdsk-1.5.9+dfsg/lib/compdskf.c:126:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(fp)) != EOF)
data/libdsk-1.5.9+dfsg/lib/compdskf.c:231:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ch = fgetc(self->dskf_fpin);
data/libdsk-1.5.9+dfsg/lib/compdskf.c:238:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
hi = fgetc(self->dskf_fpin);
data/libdsk-1.5.9+dfsg/lib/compdskf.c:239:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
lo = fgetc(self->dskf_fpin);
data/libdsk-1.5.9+dfsg/lib/compdskf.c:270:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(self->dskf_fpin);
data/libdsk-1.5.9+dfsg/lib/compgz.c:109:14: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(fp)) != EOF)
data/libdsk-1.5.9+dfsg/lib/compress.c:75:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = dsk_malloc(strlen(cc->cc_description) + 50);
data/libdsk-1.5.9+dfsg/lib/compress.c:145:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) == 2 && filename[1] == ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/compsq.c:94:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (c = fgetc(self->fp_in)) != EOF )
data/libdsk-1.5.9+dfsg/lib/compsq.c:397:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = fgetc(self->fp_in);
data/libdsk-1.5.9+dfsg/lib/comptlzh.c:762:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rd = read(fp,buf,BLKSZ);
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:93:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(fp) == EOF) return DSK_ERR_SEEKFAIL;
data/libdsk-1.5.9+dfsg/lib/drvadisk.c:441:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = dsk_malloc(slen = 17 + strlen(cmt));
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:53:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvcfi.c:56:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvdos16.c:107:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) != 2 || filename[1] != ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvdos32.c:101:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) != 2 || filename[1] != ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvimd.c:83:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:127:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(buf, 1, strlen(buf), fp) < strlen(buf))
data/libdsk-1.5.9+dfsg/lib/drvimd.c:127:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(buf, 1, strlen(buf), fp) < strlen(buf))
data/libdsk-1.5.9+dfsg/lib/drvimd.c:134:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(ucomment, 1, strlen(ucomment), fp) < strlen(ucomment))
data/libdsk-1.5.9+dfsg/lib/drvimd.c:134:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(ucomment, 1, strlen(ucomment), fp) < strlen(ucomment))
data/libdsk-1.5.9+dfsg/lib/drvimd.c:173:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
psh = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:225:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:238:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:253:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:269:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
l = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:270:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
h = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:291:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvimd.c:329:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvint25.c:104:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) != 2 || filename[1] != ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:140:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) == 2 && filename[1] == ':')
data/libdsk-1.5.9+dfsg/lib/drvntwdm.c:149:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) < 10) return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvqm.c:269:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nextc = fgetc(rs->fp);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:277:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nextc = fgetc(rs->fp);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1095:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qm_self->qm_h_comment_len = strlen(ccmt);
data/libdsk-1.5.9+dfsg/lib/drvqm.c:1132:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(1 != fwrite(ccmt, strlen(ccmt), 1, fp))
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:77:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); /* Length of literal data */
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:119:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp); /* Length of literal data */
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:129:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d = fgetc(fp); /* Byte to repeat */
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:236:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp437_to_utf8((char *)(header + 0x4B), comment + strlen(comment), -1);
data/libdsk-1.5.9+dfsg/lib/drvqrst.c:284:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:227:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, self->rc_dir, PATH_MAX - 1);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:229:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target = buf + strlen(buf);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:232:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(target, filename, 18);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:317:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(map_entry, newname, NAMEMAP_ENTRYSIZE-1);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:335:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest += strlen(dest);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:664:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 8) return 0;
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:678:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dot) > 4) return 0; /* 3 chars right of dot */
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:832:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(map_entry, realname, NAMEMAP_ENTRYSIZE-1);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1243:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dirname, passed, PATH_MAX - 1);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1256:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dirname[strlen(dirname)-1] == SEPARATOR)
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1258:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirname[strlen(dirname)-1] = 0;
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1320:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dirname, passed, PATH_MAX - 1);
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1334:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dirname[strlen(dirname)-1] == SEPARATOR)
data/libdsk-1.5.9+dfsg/lib/drvrcpm.c:1336:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirname[strlen(dirname)-1] = 0;
data/libdsk-1.5.9+dfsg/lib/drvwin16.c:222:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) != 2 || filename[1] != ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:305:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) != 2 || filename[1] != ':') return DSK_ERR_NOTME;
data/libdsk-1.5.9+dfsg/lib/drvwin32.c:1039:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen = 1 + strlen(w32self->w32_slotname);
data/libdsk-1.5.9+dfsg/lib/dskcmt.c:27:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = dsk_malloc(1 + strlen(s));
data/libdsk-1.5.9+dfsg/lib/dskiconv.c:223:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen((char *)cp437[sc - 0x7f]);
data/libdsk-1.5.9+dfsg/lib/dskopen.c:50:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dn += 1 + strlen(dn);
data/libdsk-1.5.9+dfsg/lib/dskpars.c:63:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
opt = dsk_malloc(sizeof(DSK_OPTION) + strlen(name));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:98:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if (cwd == NULL) strcpy(result, ".");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:137:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:137:36: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:159:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:159:40: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:170:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:170:49: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:189:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s && buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:189:41: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (s && buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:221:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (t = buf + strlen(buf); t >= buf; t--)
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:250:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s && buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:250:41: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (s && buf[strlen(buf)-1] != '/') strcat(buf, "/");
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:455:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(formdesc) + strlen(formname));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:455:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(formdesc) + strlen(formname));
data/libdsk-1.5.9+dfsg/lib/dsksgeom.c:460:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pg->desc = ((char *)pg) + sizeof(ng) + 1 + strlen(formname);
data/libdsk-1.5.9+dfsg/lib/ldbs.c:320:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *s = self->filename + strlen(self->filename) - 6;
data/libdsk-1.5.9+dfsg/lib/ldbs.c:588:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.filename = ldbs_malloc(1 + strlen(filename));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:687:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp.filename = ldbs_malloc(1 + strlen(filename));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2252:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(creator));
data/libdsk-1.5.9+dfsg/lib/ldbs.c:2268:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(comment));
data/libdsk-1.5.9+dfsg/lib/remote.c:95:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*fileout = dsk_malloc(1 + strlen(filename));
data/libdsk-1.5.9+dfsg/lib/remote.c:100:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(classes[n]->rc_name);
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:71:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
else strcpy(nameout, "");
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:104:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(pipes[2], fork_err, 2) < 2) return DSK_ERR_SYSERR;
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:146:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(self->infd, wvar, 2) < 2) return DSK_ERR_SYSERR;
data/libdsk-1.5.9+dfsg/lib/rpcfork.c:151:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(self->infd, tmpbuf, wire_len) < 2) return DSK_ERR_SYSERR;
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:211:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/lib/rpcfossl.c:244:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
else strcpy(nameout, "");
data/libdsk-1.5.9+dfsg/lib/rpcpack.c:193:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else return dsk_pack_bytes(output, out_len, (const unsigned char *)str, 1 + strlen(str));
data/libdsk-1.5.9+dfsg/lib/rpctios.c:115:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:130:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
else strcpy(nameout, "");
data/libdsk-1.5.9+dfsg/lib/rpctios.c:195:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(read(self->infd, &var, 1) > 0);
data/libdsk-1.5.9+dfsg/lib/rpctios.c:335:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
err = read(self->infd, c, count);
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:101:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/lib/rpcwin32.c:126:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
else strcpy(nameout, "");
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:233:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default: wsprintf(sErr + strlen(sErr), "Unknown error 0x%04x", err);
data/libdsk-1.5.9+dfsg/rpcserv/ldserver.c:410:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TextOut(hdc, rc.left, rc.top, str, strlen(str));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:456:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infile = dsk_malloc(1 + strlen(argv[1]));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:461:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(long)(1 + strlen(argv[1])));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:754:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = dsk_malloc(1 + strlen(cmd));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:780:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infile = dsk_malloc(strlen(name) + 1);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:795:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
infile = dsk_malloc(strlen(name) + 1);
data/libdsk-1.5.9+dfsg/tools/dskutil.c:1096:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buf = (unsigned char *)dsk_malloc(strlen(arg));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:1125:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buf = (unsigned char *)dsk_malloc(strlen(arg));
data/libdsk-1.5.9+dfsg/tools/dskutil.c:1207:6: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getchar();
data/libdsk-1.5.9+dfsg/tools/forkslave.c:50:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(0, data, count) < count)
data/libdsk-1.5.9+dfsg/tools/serslave.c:106:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = dsk_malloc(strlen(name) + 1);
data/libdsk-1.5.9+dfsg/tools/serslave.c:144:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/tools/serslave.c:247:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
err = read(infd, c, count);
data/libdsk-1.5.9+dfsg/tools/serslave.c:298:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = dsk_malloc(strlen(name) + 1);
data/libdsk-1.5.9+dfsg/tools/serslave.c:329:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/tools/serslave.c:529:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename = dsk_malloc(strlen(name) + 1);
data/libdsk-1.5.9+dfsg/tools/serslave.c:563:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!opte) opte = sep + strlen(sep);
data/libdsk-1.5.9+dfsg/tools/utilopts.c:157:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(st_cmt) + strlen(s) > st_cmt_size)
data/libdsk-1.5.9+dfsg/tools/utilopts.c:157:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(st_cmt) + strlen(s) > st_cmt_size)
ANALYSIS SUMMARY:
Hits = 947
Lines analyzed = 48581 in approximately 1.38 seconds (35315 lines/second)
Physical Source Lines of Code (SLOC) = 33433
Hits@level = [0] 598 [1] 138 [2] 716 [3] 17 [4] 75 [5] 1
Hits@level+ = [0+] 1545 [1+] 947 [2+] 809 [3+] 93 [4+] 76 [5+] 1
Hits/KSLOC@level+ = [0+] 46.2118 [1+] 28.3253 [2+] 24.1976 [3+] 2.78168 [4+] 2.2732 [5+] 0.0299106
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.