Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/lvm2-2.03.10/base/data-struct/hash.c
Examining data/lvm2-2.03.10/base/data-struct/hash.h
Examining data/lvm2-2.03.10/base/data-struct/list.c
Examining data/lvm2-2.03.10/base/data-struct/list.h
Examining data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c
Examining data/lvm2-2.03.10/base/data-struct/radix-tree-simple.c
Examining data/lvm2-2.03.10/base/data-struct/radix-tree.c
Examining data/lvm2-2.03.10/base/data-struct/radix-tree.h
Examining data/lvm2-2.03.10/base/memory/container_of.h
Examining data/lvm2-2.03.10/base/memory/zalloc.h
Examining data/lvm2-2.03.10/coverity/coverity_model.c
Examining data/lvm2-2.03.10/daemons/cmirrord/clogd.c
Examining data/lvm2-2.03.10/daemons/cmirrord/cluster.c
Examining data/lvm2-2.03.10/daemons/cmirrord/cluster.h
Examining data/lvm2-2.03.10/daemons/cmirrord/common.h
Examining data/lvm2-2.03.10/daemons/cmirrord/compat.c
Examining data/lvm2-2.03.10/daemons/cmirrord/compat.h
Examining data/lvm2-2.03.10/daemons/cmirrord/functions.c
Examining data/lvm2-2.03.10/daemons/cmirrord/functions.h
Examining data/lvm2-2.03.10/daemons/cmirrord/link_mon.c
Examining data/lvm2-2.03.10/daemons/cmirrord/link_mon.h
Examining data/lvm2-2.03.10/daemons/cmirrord/local.c
Examining data/lvm2-2.03.10/daemons/cmirrord/local.h
Examining data/lvm2-2.03.10/daemons/cmirrord/logging.c
Examining data/lvm2-2.03.10/daemons/cmirrord/logging.h
Examining data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.h
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/lvm2/dmeventd_lvm.c
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/lvm2/dmeventd_lvm.h
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/mirror/dmeventd_mirror.c
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/raid/dmeventd_raid.c
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/thin/dmeventd_thin.c
Examining data/lvm2-2.03.10/daemons/dmeventd/plugins/vdo/dmeventd_vdo.c
Examining data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c
Examining data/lvm2-2.03.10/daemons/dmeventd/dmeventd.h
Examining data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-client.h
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h
Examining data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-cmd-utils.c
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-cmd-utils.h
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-common.h
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-core.c
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.h
Examining data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-protocol.h
Examining data/lvm2-2.03.10/daemons/lvmpolld/polling_ops.h
Examining data/lvm2-2.03.10/device_mapper/all.h
Examining data/lvm2-2.03.10/device_mapper/datastruct/bitset.c
Examining data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c
Examining data/lvm2-2.03.10/device_mapper/ioctl/libdm-targets.h
Examining data/lvm2-2.03.10/device_mapper/libdm-common.c
Examining data/lvm2-2.03.10/device_mapper/libdm-common.h
Examining data/lvm2-2.03.10/device_mapper/libdm-config.c
Examining data/lvm2-2.03.10/device_mapper/libdm-deptree.c
Examining data/lvm2-2.03.10/device_mapper/libdm-file.c
Examining data/lvm2-2.03.10/device_mapper/libdm-report.c
Examining data/lvm2-2.03.10/device_mapper/libdm-string.c
Examining data/lvm2-2.03.10/device_mapper/libdm-targets.c
Examining data/lvm2-2.03.10/device_mapper/libdm-timestamp.c
Examining data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h
Examining data/lvm2-2.03.10/device_mapper/misc/dm-log-userspace.h
Examining data/lvm2-2.03.10/device_mapper/misc/dm-logging.h
Examining data/lvm2-2.03.10/device_mapper/misc/dmlib.h
Examining data/lvm2-2.03.10/device_mapper/misc/kdev_t.h
Examining data/lvm2-2.03.10/device_mapper/mm/pool-debug.c
Examining data/lvm2-2.03.10/device_mapper/mm/pool-fast.c
Examining data/lvm2-2.03.10/device_mapper/mm/pool.c
Examining data/lvm2-2.03.10/device_mapper/regex/matcher.c
Examining data/lvm2-2.03.10/device_mapper/regex/parse_rx.c
Examining data/lvm2-2.03.10/device_mapper/regex/parse_rx.h
Examining data/lvm2-2.03.10/device_mapper/regex/ttree.c
Examining data/lvm2-2.03.10/device_mapper/regex/ttree.h
Examining data/lvm2-2.03.10/device_mapper/vdo/status.c
Examining data/lvm2-2.03.10/device_mapper/vdo/target.h
Examining data/lvm2-2.03.10/device_mapper/vdo/vdo_limits.h
Examining data/lvm2-2.03.10/device_mapper/vdo/vdo_target.c
Examining data/lvm2-2.03.10/doc/example_cmdlib.c
Examining data/lvm2-2.03.10/lib/activate/activate.c
Examining data/lvm2-2.03.10/lib/activate/activate.h
Examining data/lvm2-2.03.10/lib/activate/dev_manager.c
Examining data/lvm2-2.03.10/lib/activate/dev_manager.h
Examining data/lvm2-2.03.10/lib/activate/fs.c
Examining data/lvm2-2.03.10/lib/activate/fs.h
Examining data/lvm2-2.03.10/lib/activate/targets.h
Examining data/lvm2-2.03.10/lib/cache/lvmcache.c
Examining data/lvm2-2.03.10/lib/cache/lvmcache.h
Examining data/lvm2-2.03.10/lib/cache_segtype/cache.c
Examining data/lvm2-2.03.10/lib/commands/toolcontext.c
Examining data/lvm2-2.03.10/lib/commands/toolcontext.h
Examining data/lvm2-2.03.10/lib/config/config.c
Examining data/lvm2-2.03.10/lib/config/config.h
Examining data/lvm2-2.03.10/lib/config/config_settings.h
Examining data/lvm2-2.03.10/lib/config/defaults.h
Examining data/lvm2-2.03.10/lib/datastruct/btree.c
Examining data/lvm2-2.03.10/lib/datastruct/btree.h
Examining data/lvm2-2.03.10/lib/datastruct/str_list.c
Examining data/lvm2-2.03.10/lib/datastruct/str_list.h
Examining data/lvm2-2.03.10/lib/device/bcache-utils.c
Examining data/lvm2-2.03.10/lib/device/bcache.c
Examining data/lvm2-2.03.10/lib/device/bcache.h
Examining data/lvm2-2.03.10/lib/device/dev-cache.c
Examining data/lvm2-2.03.10/lib/device/dev-cache.h
Examining data/lvm2-2.03.10/lib/device/dev-dasd.c
Examining data/lvm2-2.03.10/lib/device/dev-ext-udev-constants.h
Examining data/lvm2-2.03.10/lib/device/dev-ext.c
Examining data/lvm2-2.03.10/lib/device/dev-io.c
Examining data/lvm2-2.03.10/lib/device/dev-luks.c
Examining data/lvm2-2.03.10/lib/device/dev-lvm1-pool.c
Examining data/lvm2-2.03.10/lib/device/dev-md.c
Examining data/lvm2-2.03.10/lib/device/dev-swap.c
Examining data/lvm2-2.03.10/lib/device/dev-type.c
Examining data/lvm2-2.03.10/lib/device/dev-type.h
Examining data/lvm2-2.03.10/lib/device/device-types.h
Examining data/lvm2-2.03.10/lib/device/device.h
Examining data/lvm2-2.03.10/lib/display/display.c
Examining data/lvm2-2.03.10/lib/display/display.h
Examining data/lvm2-2.03.10/lib/error/errseg.c
Examining data/lvm2-2.03.10/lib/filters/filter-composite.c
Examining data/lvm2-2.03.10/lib/filters/filter-fwraid.c
Examining data/lvm2-2.03.10/lib/filters/filter-internal.c
Examining data/lvm2-2.03.10/lib/filters/filter-md.c
Examining data/lvm2-2.03.10/lib/filters/filter-mpath.c
Examining data/lvm2-2.03.10/lib/filters/filter-partitioned.c
Examining data/lvm2-2.03.10/lib/filters/filter-persistent.c
Examining data/lvm2-2.03.10/lib/filters/filter-regex.c
Examining data/lvm2-2.03.10/lib/filters/filter-signature.c
Examining data/lvm2-2.03.10/lib/filters/filter-sysfs.c
Examining data/lvm2-2.03.10/lib/filters/filter-type.c
Examining data/lvm2-2.03.10/lib/filters/filter-usable.c
Examining data/lvm2-2.03.10/lib/filters/filter.h
Examining data/lvm2-2.03.10/lib/format_text/archive.c
Examining data/lvm2-2.03.10/lib/format_text/archiver.c
Examining data/lvm2-2.03.10/lib/format_text/archiver.h
Examining data/lvm2-2.03.10/lib/format_text/export.c
Examining data/lvm2-2.03.10/lib/format_text/flags.c
Examining data/lvm2-2.03.10/lib/format_text/format-text.c
Examining data/lvm2-2.03.10/lib/format_text/format-text.h
Examining data/lvm2-2.03.10/lib/format_text/import-export.h
Examining data/lvm2-2.03.10/lib/format_text/import.c
Examining data/lvm2-2.03.10/lib/format_text/import_vsn1.c
Examining data/lvm2-2.03.10/lib/format_text/layout.h
Examining data/lvm2-2.03.10/lib/format_text/text_export.h
Examining data/lvm2-2.03.10/lib/format_text/text_import.h
Examining data/lvm2-2.03.10/lib/format_text/text_label.c
Examining data/lvm2-2.03.10/lib/freeseg/freeseg.c
Examining data/lvm2-2.03.10/lib/integrity/integrity.c
Examining data/lvm2-2.03.10/lib/label/hints.c
Examining data/lvm2-2.03.10/lib/label/hints.h
Examining data/lvm2-2.03.10/lib/label/label.c
Examining data/lvm2-2.03.10/lib/label/label.h
Examining data/lvm2-2.03.10/lib/locking/file_locking.c
Examining data/lvm2-2.03.10/lib/locking/locking.c
Examining data/lvm2-2.03.10/lib/locking/locking.h
Examining data/lvm2-2.03.10/lib/locking/locking_types.h
Examining data/lvm2-2.03.10/lib/locking/lvmlockd.c
Examining data/lvm2-2.03.10/lib/locking/lvmlockd.h
Examining data/lvm2-2.03.10/lib/log/log.c
Examining data/lvm2-2.03.10/lib/log/log.h
Examining data/lvm2-2.03.10/lib/log/lvm-logging.h
Examining data/lvm2-2.03.10/lib/lvmpolld/lvmpolld-client.c
Examining data/lvm2-2.03.10/lib/lvmpolld/lvmpolld-client.h
Examining data/lvm2-2.03.10/lib/lvmpolld/polldaemon.h
Examining data/lvm2-2.03.10/lib/metadata/cache_manip.c
Examining data/lvm2-2.03.10/lib/metadata/integrity_manip.c
Examining data/lvm2-2.03.10/lib/metadata/lv.c
Examining data/lvm2-2.03.10/lib/metadata/lv.h
Examining data/lvm2-2.03.10/lib/metadata/lv_alloc.h
Examining data/lvm2-2.03.10/lib/metadata/lv_manip.c
Examining data/lvm2-2.03.10/lib/metadata/merge.c
Examining data/lvm2-2.03.10/lib/metadata/metadata-exported.h
Examining data/lvm2-2.03.10/lib/metadata/metadata.c
Examining data/lvm2-2.03.10/lib/metadata/metadata.h
Examining data/lvm2-2.03.10/lib/metadata/mirror.c
Examining data/lvm2-2.03.10/lib/metadata/pool_manip.c
Examining data/lvm2-2.03.10/lib/metadata/pv.c
Examining data/lvm2-2.03.10/lib/metadata/pv.h
Examining data/lvm2-2.03.10/lib/metadata/pv_alloc.h
Examining data/lvm2-2.03.10/lib/metadata/pv_list.c
Examining data/lvm2-2.03.10/lib/metadata/pv_manip.c
Examining data/lvm2-2.03.10/lib/metadata/pv_map.c
Examining data/lvm2-2.03.10/lib/metadata/pv_map.h
Examining data/lvm2-2.03.10/lib/metadata/raid_manip.c
Examining data/lvm2-2.03.10/lib/metadata/segtype.c
Examining data/lvm2-2.03.10/lib/metadata/segtype.h
Examining data/lvm2-2.03.10/lib/metadata/snapshot_manip.c
Examining data/lvm2-2.03.10/lib/metadata/takeover_matrix.h
Examining data/lvm2-2.03.10/lib/metadata/thin_manip.c
Examining data/lvm2-2.03.10/lib/metadata/vdo_manip.c
Examining data/lvm2-2.03.10/lib/metadata/vg.c
Examining data/lvm2-2.03.10/lib/metadata/vg.h
Examining data/lvm2-2.03.10/lib/metadata/writecache_manip.c
Examining data/lvm2-2.03.10/lib/mirror/mirrored.c
Examining data/lvm2-2.03.10/lib/misc/crc.c
Examining data/lvm2-2.03.10/lib/misc/crc.h
Examining data/lvm2-2.03.10/lib/misc/crc_gen.c
Examining data/lvm2-2.03.10/lib/misc/intl.h
Examining data/lvm2-2.03.10/lib/misc/last-path-component.h
Examining data/lvm2-2.03.10/lib/misc/lib.h
Examining data/lvm2-2.03.10/lib/misc/lvm-exec.c
Examining data/lvm2-2.03.10/lib/misc/lvm-exec.h
Examining data/lvm2-2.03.10/lib/misc/lvm-file.c
Examining data/lvm2-2.03.10/lib/misc/lvm-file.h
Examining data/lvm2-2.03.10/lib/misc/lvm-flock.c
Examining data/lvm2-2.03.10/lib/misc/lvm-flock.h
Examining data/lvm2-2.03.10/lib/misc/lvm-globals.c
Examining data/lvm2-2.03.10/lib/misc/lvm-globals.h
Examining data/lvm2-2.03.10/lib/misc/lvm-maths.c
Examining data/lvm2-2.03.10/lib/misc/lvm-maths.h
Examining data/lvm2-2.03.10/lib/misc/lvm-percent.c
Examining data/lvm2-2.03.10/lib/misc/lvm-percent.h
Examining data/lvm2-2.03.10/lib/misc/lvm-signal.c
Examining data/lvm2-2.03.10/lib/misc/lvm-signal.h
Examining data/lvm2-2.03.10/lib/misc/lvm-string.c
Examining data/lvm2-2.03.10/lib/misc/lvm-string.h
Examining data/lvm2-2.03.10/lib/misc/lvm-wrappers.c
Examining data/lvm2-2.03.10/lib/misc/lvm-wrappers.h
Examining data/lvm2-2.03.10/lib/misc/sharedlib.c
Examining data/lvm2-2.03.10/lib/misc/sharedlib.h
Examining data/lvm2-2.03.10/lib/misc/util.h
Examining data/lvm2-2.03.10/lib/mm/memlock.c
Examining data/lvm2-2.03.10/lib/mm/memlock.h
Examining data/lvm2-2.03.10/lib/mm/xlate.h
Examining data/lvm2-2.03.10/lib/notify/lvmnotify.c
Examining data/lvm2-2.03.10/lib/notify/lvmnotify.h
Examining data/lvm2-2.03.10/lib/properties/prop_common.c
Examining data/lvm2-2.03.10/lib/properties/prop_common.h
Examining data/lvm2-2.03.10/lib/raid/raid.c
Examining data/lvm2-2.03.10/lib/report/columns-cmdlog.h
Examining data/lvm2-2.03.10/lib/report/columns-devtypes.h
Examining data/lvm2-2.03.10/lib/report/columns.h
Examining data/lvm2-2.03.10/lib/report/properties.c
Examining data/lvm2-2.03.10/lib/report/properties.h
Examining data/lvm2-2.03.10/lib/report/report.c
Examining data/lvm2-2.03.10/lib/report/report.h
Examining data/lvm2-2.03.10/lib/report/values.h
Examining data/lvm2-2.03.10/lib/snapshot/snapshot.c
Examining data/lvm2-2.03.10/lib/striped/striped.c
Examining data/lvm2-2.03.10/lib/thin/thin.c
Examining data/lvm2-2.03.10/lib/unknown/unknown.c
Examining data/lvm2-2.03.10/lib/uuid/uuid.c
Examining data/lvm2-2.03.10/lib/uuid/uuid.h
Examining data/lvm2-2.03.10/lib/vdo/vdo.c
Examining data/lvm2-2.03.10/lib/writecache/writecache.c
Examining data/lvm2-2.03.10/lib/zero/zero.c
Examining data/lvm2-2.03.10/libdaemon/client/config-util.c
Examining data/lvm2-2.03.10/libdaemon/client/config-util.h
Examining data/lvm2-2.03.10/libdaemon/client/daemon-client.c
Examining data/lvm2-2.03.10/libdaemon/client/daemon-client.h
Examining data/lvm2-2.03.10/libdaemon/client/daemon-io.c
Examining data/lvm2-2.03.10/libdaemon/client/daemon-io.h
Examining data/lvm2-2.03.10/libdaemon/server/daemon-log.c
Examining data/lvm2-2.03.10/libdaemon/server/daemon-log.h
Examining data/lvm2-2.03.10/libdaemon/server/daemon-server.c
Examining data/lvm2-2.03.10/libdaemon/server/daemon-server.h
Examining data/lvm2-2.03.10/libdm/datastruct/bitset.c
Examining data/lvm2-2.03.10/libdm/datastruct/hash.c
Examining data/lvm2-2.03.10/libdm/datastruct/list.c
Examining data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c
Examining data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c
Examining data/lvm2-2.03.10/libdm/dm-tools/util.h
Examining data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c
Examining data/lvm2-2.03.10/libdm/ioctl/libdm-targets.h
Examining data/lvm2-2.03.10/libdm/libdevmapper.h
Examining data/lvm2-2.03.10/libdm/libdm-common.c
Examining data/lvm2-2.03.10/libdm/libdm-common.h
Examining data/lvm2-2.03.10/libdm/libdm-config.c
Examining data/lvm2-2.03.10/libdm/libdm-deptree.c
Examining data/lvm2-2.03.10/libdm/libdm-file.c
Examining data/lvm2-2.03.10/libdm/libdm-report.c
Examining data/lvm2-2.03.10/libdm/libdm-stats.c
Examining data/lvm2-2.03.10/libdm/libdm-string.c
Examining data/lvm2-2.03.10/libdm/libdm-targets.c
Examining data/lvm2-2.03.10/libdm/libdm-timestamp.c
Examining data/lvm2-2.03.10/libdm/misc/dm-ioctl.h
Examining data/lvm2-2.03.10/libdm/misc/dm-log-userspace.h
Examining data/lvm2-2.03.10/libdm/misc/dm-logging.h
Examining data/lvm2-2.03.10/libdm/misc/dmlib.h
Examining data/lvm2-2.03.10/libdm/misc/kdev_t.h
Examining data/lvm2-2.03.10/libdm/mm/dbg_malloc.c
Examining data/lvm2-2.03.10/libdm/mm/pool-debug.c
Examining data/lvm2-2.03.10/libdm/mm/pool-fast.c
Examining data/lvm2-2.03.10/libdm/mm/pool.c
Examining data/lvm2-2.03.10/libdm/regex/matcher.c
Examining data/lvm2-2.03.10/libdm/regex/parse_rx.c
Examining data/lvm2-2.03.10/libdm/regex/parse_rx.h
Examining data/lvm2-2.03.10/libdm/regex/ttree.c
Examining data/lvm2-2.03.10/libdm/regex/ttree.h
Examining data/lvm2-2.03.10/po/pogen.h
Examining data/lvm2-2.03.10/scripts/generator-internals.c
Examining data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c
Examining data/lvm2-2.03.10/test/lib/brick-shelltest.h
Examining data/lvm2-2.03.10/test/lib/dmsecuretest.c
Examining data/lvm2-2.03.10/test/lib/harness.c
Examining data/lvm2-2.03.10/test/lib/not.c
Examining data/lvm2-2.03.10/test/lib/runner.cpp
Examining data/lvm2-2.03.10/test/unit/activation-generator_t.c
Examining data/lvm2-2.03.10/test/unit/bcache_t.c
Examining data/lvm2-2.03.10/test/unit/bcache_utils_t.c
Examining data/lvm2-2.03.10/test/unit/bitset_t.c
Examining data/lvm2-2.03.10/test/unit/config_t.c
Examining data/lvm2-2.03.10/test/unit/dmlist_t.c
Examining data/lvm2-2.03.10/test/unit/dmstatus_t.c
Examining data/lvm2-2.03.10/test/unit/framework.c
Examining data/lvm2-2.03.10/test/unit/framework.h
Examining data/lvm2-2.03.10/test/unit/io_engine_t.c
Examining data/lvm2-2.03.10/test/unit/matcher_data.h
Examining data/lvm2-2.03.10/test/unit/matcher_t.c
Examining data/lvm2-2.03.10/test/unit/percent_t.c
Examining data/lvm2-2.03.10/test/unit/radix_tree_t.c
Examining data/lvm2-2.03.10/test/unit/rt_case1.c
Examining data/lvm2-2.03.10/test/unit/run.c
Examining data/lvm2-2.03.10/test/unit/string_t.c
Examining data/lvm2-2.03.10/test/unit/units.h
Examining data/lvm2-2.03.10/test/unit/vdo_t.c
Examining data/lvm2-2.03.10/tools/args.h
Examining data/lvm2-2.03.10/tools/cmdnames.h
Examining data/lvm2-2.03.10/tools/command.c
Examining data/lvm2-2.03.10/tools/command.h
Examining data/lvm2-2.03.10/tools/commands.h
Examining data/lvm2-2.03.10/tools/dumpconfig.c
Examining data/lvm2-2.03.10/tools/errors.h
Examining data/lvm2-2.03.10/tools/formats.c
Examining data/lvm2-2.03.10/tools/lv_props.h
Examining data/lvm2-2.03.10/tools/lv_types.h
Examining data/lvm2-2.03.10/tools/lvchange.c
Examining data/lvm2-2.03.10/tools/lvconvert.c
Examining data/lvm2-2.03.10/tools/lvconvert_poll.c
Examining data/lvm2-2.03.10/tools/lvconvert_poll.h
Examining data/lvm2-2.03.10/tools/lvcreate.c
Examining data/lvm2-2.03.10/tools/lvdisplay.c
Examining data/lvm2-2.03.10/tools/lvextend.c
Examining data/lvm2-2.03.10/tools/lvm-static.c
Examining data/lvm2-2.03.10/tools/lvm2cmd-static.c
Examining data/lvm2-2.03.10/tools/lvm2cmd.c
Examining data/lvm2-2.03.10/tools/lvm2cmd.h
Examining data/lvm2-2.03.10/tools/lvm2cmdline.h
Examining data/lvm2-2.03.10/tools/lvmcmdlib.c
Examining data/lvm2-2.03.10/tools/lvmcmdline.c
Examining data/lvm2-2.03.10/tools/lvmdiskscan.c
Examining data/lvm2-2.03.10/tools/lvpoll.c
Examining data/lvm2-2.03.10/tools/lvreduce.c
Examining data/lvm2-2.03.10/tools/lvremove.c
Examining data/lvm2-2.03.10/tools/lvrename.c
Examining data/lvm2-2.03.10/tools/lvresize.c
Examining data/lvm2-2.03.10/tools/lvscan.c
Examining data/lvm2-2.03.10/tools/polldaemon.c
Examining data/lvm2-2.03.10/tools/pvchange.c
Examining data/lvm2-2.03.10/tools/pvck.c
Examining data/lvm2-2.03.10/tools/pvcreate.c
Examining data/lvm2-2.03.10/tools/pvdisplay.c
Examining data/lvm2-2.03.10/tools/pvmove.c
Examining data/lvm2-2.03.10/tools/pvmove_poll.c
Examining data/lvm2-2.03.10/tools/pvmove_poll.h
Examining data/lvm2-2.03.10/tools/pvremove.c
Examining data/lvm2-2.03.10/tools/pvresize.c
Examining data/lvm2-2.03.10/tools/pvscan.c
Examining data/lvm2-2.03.10/tools/reporter.c
Examining data/lvm2-2.03.10/tools/segtypes.c
Examining data/lvm2-2.03.10/tools/stub.h
Examining data/lvm2-2.03.10/tools/tags.c
Examining data/lvm2-2.03.10/tools/tool.h
Examining data/lvm2-2.03.10/tools/toollib.c
Examining data/lvm2-2.03.10/tools/toollib.h
Examining data/lvm2-2.03.10/tools/tools.h
Examining data/lvm2-2.03.10/tools/vals.h
Examining data/lvm2-2.03.10/tools/vgcfgbackup.c
Examining data/lvm2-2.03.10/tools/vgcfgrestore.c
Examining data/lvm2-2.03.10/tools/vgchange.c
Examining data/lvm2-2.03.10/tools/vgck.c
Examining data/lvm2-2.03.10/tools/vgcreate.c
Examining data/lvm2-2.03.10/tools/vgdisplay.c
Examining data/lvm2-2.03.10/tools/vgexport.c
Examining data/lvm2-2.03.10/tools/vgextend.c
Examining data/lvm2-2.03.10/tools/vgimport.c
Examining data/lvm2-2.03.10/tools/vgimportclone.c
Examining data/lvm2-2.03.10/tools/vgmerge.c
Examining data/lvm2-2.03.10/tools/vgmknodes.c
Examining data/lvm2-2.03.10/tools/vgreduce.c
Examining data/lvm2-2.03.10/tools/vgremove.c
Examining data/lvm2-2.03.10/tools/vgrename.c
Examining data/lvm2-2.03.10/tools/vgscan.c
Examining data/lvm2-2.03.10/tools/vgsplit.c
Examining data/lvm2-2.03.10/tools/lvm.c
FINAL RESULTS:
data/lvm2-2.03.10/device_mapper/libdm-common.c:1084:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, uid, gid) < 0) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:2010:14: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((size = readlink(sysfs_path, temp_buf, PATH_MAX - 1)) < 0) {
data/lvm2-2.03.10/lib/device/dev-type.c:608:14: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((size = readlink(dirname(path), temp_path, sizeof(temp_path) - 1)) < 0) {
data/lvm2-2.03.10/lib/filters/filter-mpath.c:69:14: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((size = readlink(path, buf, buf_size - 1)) < 0) {
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:599:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((len = readlink(path_buf, link_buf, sizeof(link_buf) - 1)) < 0) {
data/lvm2-2.03.10/libdm/libdm-common.c:1082:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, uid, gid) < 0) {
data/lvm2-2.03.10/libdm/libdm-common.c:2009:14: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((size = readlink(sysfs_path, temp_buf, PATH_MAX - 1)) < 0) {
data/lvm2-2.03.10/test/unit/activation-generator_t.c:189:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(path, 0770);
data/lvm2-2.03.10/tools/lvmcmdline.c:3336:14: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((size = readlink(buf, filename, sizeof(filename) - 1)) == -1)
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:115:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cc->debugging[cc->idx], DEBUGGING_BUFLEN, f, ## arg); \
data/lvm2-2.03.10/daemons/cmirrord/functions.c:43:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(lc->resync_history[lc->idx], RESYNC_BUFLEN, f, ## arg); \
data/lvm2-2.03.10/daemons/cmirrord/functions.c:309:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path_rtn, "%s", major_minor_str);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:332:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path_rtn, "/dev/mapper/%s", dep->d_name);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:616:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
rq->data_size = sprintf(rq->data, "%s", argv[1]) + 1;
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1505:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
r = sprintf(data, "clustered-core %u %s%s ",
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1528:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
r = sprintf(data, "clustered-disk %d:%d %u %s%s ",
data/lvm2-2.03.10/daemons/cmirrord/logging.h:54:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, f "\n", ## arg); \
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:106:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:119:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:2116:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(DMEVENTD_PIDFILE, F_OK) == -1) && (errno == ENOENT))
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:486:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], args);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:943:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stream, _(format), ap);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.h:113:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 6, 0)))
data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c:65:17: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(cmd, (char **)argv);
data/lvm2-2.03.10/daemons/dmeventd/plugins/thin/dmeventd_thin.c:98:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(state->argv[0], state->argv);
data/lvm2-2.03.10/daemons/dmeventd/plugins/vdo/dmeventd_vdo.c:88:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(state->argv[0], state->argv);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:47:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(fmt "\n", ##args); \
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:80:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=client pid=%u fd=%d pi=%d id=%u name=%s",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:85:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(clients[num_clients].name, name);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:96:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cl_name, clients[i].name);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:113:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=ls ls_name=%s vg_name=%s vg_uuid=%s vg_sysid=%s vg_args=%s lm_type=%s",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:134:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=ls_action client_id=%u %s %s op=%s",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:150:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=r name=%s type=%s mode=%s %s version=%u",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:153:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r_name_out, r_name);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:154:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r_type_out, r_type);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:188:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=lk mode=%s version=%u %s client_id=%u",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:224:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(line, "info=r_action client_id=%u %s %s op=%s rt=%s mode=%s %s %s %s",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:377:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&dump_addr.sun_path[1], DUMP_SOCKET_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:363:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(line + pos, len - pos, fmt, ap);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:920:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(adopt_line, "LV: %64s %64s %s %8s %u",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4318:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&dump_addr.sun_path[1], DUMP_SOCKET_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5859:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_lsname_dlm, S_NAME_GL_DLM);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:105:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(clustername, "%s", "test");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:350:72: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void log_level(int level, const char *fmt, ...) __attribute__((format(printf, 2, 3)));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:301:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(key, "%s", key_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:302:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
(void) sscanf(val, "%s", val_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1751:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(opt.owner_name, "%s", "lvmlockd");
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-core.c:110:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(ls->lvm_binary, X_OK)) {
data/lvm2-2.03.10/device_mapper/all.h:66:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 5, 6)));
data/lvm2-2.03.10/device_mapper/all.h:79:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 4, 5)));
data/lvm2-2.03.10/device_mapper/all.h:1403:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/device_mapper/all.h:1554:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)));
data/lvm2-2.03.10/device_mapper/all.h:1556:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 0)));
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1050:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out, t->params);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1289:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(b, dmt->newname);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1294:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmsg->message, dmt->message);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1298:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(b, dmt->geometry);
data/lvm2-2.03.10/device_mapper/libdm-common.c:112:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 0)))
data/lvm2-2.03.10/device_mapper/libdm-common.c:135:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(out, f, ap);
data/lvm2-2.03.10/device_mapper/libdm-common.c:149:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/device_mapper/libdm-common.c:161:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)))
data/lvm2-2.03.10/device_mapper/libdm-common.c:182:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/device_mapper/libdm-common.c:192:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), f, ap);
data/lvm2-2.03.10/device_mapper/libdm-common.c:207:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)))
data/lvm2-2.03.10/device_mapper/libdm-common.c:216:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), f, ap);
data/lvm2-2.03.10/device_mapper/libdm-common.c:539:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (!sscanf(&str[i+2], "%2x%s", &code, str_rest)) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1453:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*pos, str);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1713:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_default_uuid_prefix, uuid_prefix);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1865:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, temp_buf);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1886:7: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = (fscanf(fp, "%" PRIu32 ":%" PRIu32 , &ma, &mi) == 2) &&
data/lvm2-2.03.10/device_mapper/libdm-common.c:2034:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, name);
data/lvm2-2.03.10/device_mapper/libdm-config.c:235:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)))
data/lvm2-2.03.10/device_mapper/libdm-config.c:249:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), fmt, ap);
data/lvm2-2.03.10/device_mapper/libdm-string.c:129:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, bufsize, format, ap);
data/lvm2-2.03.10/device_mapper/libdm-string.c:158:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, size, format, ap);
data/lvm2-2.03.10/device_mapper/libdm-string.c:388:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dmuuid, "%s%s%s%s", uuid_prefix, lvid, (*layer) ? "-" : "", layer);
data/lvm2-2.03.10/device_mapper/libdm-string.c:555:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(size_buf, "0%s", include_suffix ? size_str[base + s][suffix_type] : "");
data/lvm2-2.03.10/device_mapper/libdm-targets.c:34:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = sscanf(params, FMTu64 "/" FMTu64 " " FMTu64,
data/lvm2-2.03.10/device_mapper/libdm-targets.c:123:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(params, "%s %u %s " FMTu64 "/" FMTu64,
data/lvm2-2.03.10/device_mapper/libdm-targets.c:150:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p, "%s " FMTu64, s->sync_action, &s->mismatch_count) != 2)
data/lvm2-2.03.10/device_mapper/libdm-targets.c:166:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p, FMTu64, &s->data_offset) != 1)
data/lvm2-2.03.10/device_mapper/libdm-targets.c:324:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(pp, "%s %d", s->policy_name, &s->policy_argc) != 2)
data/lvm2-2.03.10/device_mapper/libdm-targets.c:392:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(params, "%llu %llu %s",
data/lvm2-2.03.10/device_mapper/libdm-targets.c:433:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(params, FMTu64 " " FMTu64 "/" FMTu64 " " FMTu64 "/" FMTu64 "%n",
data/lvm2-2.03.10/device_mapper/libdm-targets.c:501:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(params, FMTu64 " " FMTu64,
data/lvm2-2.03.10/device_mapper/libdm-targets.c:557:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(pos, FMTu64 "/" FMTu64 "%n",
data/lvm2-2.03.10/device_mapper/regex/matcher.c:358:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
ptr += sprintf(ptr, "(.*(%s)%c)", patterns[i], TARGET_TRANS);
data/lvm2-2.03.10/device_mapper/vdo/status.c:166:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)));
data/lvm2-2.03.10/device_mapper/vdo/status.c:173:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) vsnprintf(result->error, sizeof(result->error), fmt, ap);
data/lvm2-2.03.10/lib/activate/fs.c:321:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*pos, str);
data/lvm2-2.03.10/lib/commands/toolcontext.c:332:28: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
if (cmd->default_settings.syslog != 1)
data/lvm2-2.03.10/lib/commands/toolcontext.c:335:28: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
if (cmd->default_settings.syslog > 1)
data/lvm2-2.03.10/lib/commands/toolcontext.c:336:37: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
init_syslog(cmd->default_settings.syslog);
data/lvm2-2.03.10/lib/commands/toolcontext.c:1519:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd->system_dir, DEFAULT_SYS_DIR);
data/lvm2-2.03.10/lib/commands/toolcontext.c:1657:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cmd->system_dir, DEFAULT_SYS_DIR);
data/lvm2-2.03.10/lib/commands/toolcontext.h:33:6: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
int syslog;
data/lvm2-2.03.10/lib/config/config.c:1898:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(baton.fp, CFG_PREAMBLE_GENERAL);
data/lvm2-2.03.10/lib/config/config.c:1900:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(baton.fp, CFG_PREAMBLE_LOCAL);
data/lvm2-2.03.10/lib/device/dev-cache.c:1367:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dl->dir, path);
data/lvm2-2.03.10/lib/device/dev-md.c:398:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if ((ret = sscanf(buffer, attribute_fmt, attribute_value)) != 1) {
data/lvm2-2.03.10/lib/display/display.c:934:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, prompt, ap);
data/lvm2-2.03.10/lib/display/display.h:74:68: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
char yes_no_prompt(const char *prompt, ...) __attribute__ ((format(printf, 1, 2)));
data/lvm2-2.03.10/lib/format_text/archiver.c:130:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(vg->cmd->archive_params->dir, R_OK | W_OK | X_OK) == -1) &&
data/lvm2-2.03.10/lib/format_text/archiver.c:252:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(vg->cmd->backup_params->dir, R_OK | W_OK | X_OK) == -1) &&
data/lvm2-2.03.10/lib/format_text/export.c:33:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 0)))
data/lvm2-2.03.10/lib/format_text/export.c:155:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 0)))
data/lvm2-2.03.10/lib/format_text/export.c:169:6: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
i = vfprintf(f->data.fp, fmt, ap);
data/lvm2-2.03.10/lib/format_text/export.c:191:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 3, 0)))
data/lvm2-2.03.10/lib/format_text/export.c:200:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(f->data.buf.start + f->data.buf.used,
data/lvm2-2.03.10/lib/format_text/format-text.c:1474:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_name + len, vg->name);
data/lvm2-2.03.10/lib/format_text/format-text.c:2164:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s.tmp", path);
data/lvm2-2.03.10/lib/format_text/text_export.h:32:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/lib/format_text/text_export.h:35:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)));
data/lvm2-2.03.10/lib/format_text/text_export.h:38:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)));
data/lvm2-2.03.10/lib/format_text/text_export.h:46:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/lib/label/label.c:64:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(li->name, name);
data/lvm2-2.03.10/lib/locking/file_locking.c:93:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access(_lock_dir, R_OK | W_OK | X_OK) == -1) && (errno == EROFS))
data/lvm2-2.03.10/lib/locking/lvmlockd.c:66:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!!access(LVMLOCKD_PIDFILE, F_OK)) {
data/lvm2-2.03.10/lib/log/log.c:266:8: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(env, FMTu64, &_log_file_max_lines) != 1) {
data/lvm2-2.03.10/lib/log/log.c:485:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 5, 0)))
data/lvm2-2.03.10/lib/log/log.c:543:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(message, sizeof(message), trformat, ap);
data/lvm2-2.03.10/lib/log/log.c:667:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stream, trformat, ap);
data/lvm2-2.03.10/lib/log/log.c:700:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(_log_file, trformat, ap);
data/lvm2-2.03.10/lib/log/lvm-logging.h:21:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 5, 6)))
data/lvm2-2.03.10/lib/log/lvm-logging.h:25:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 5, 6)))
data/lvm2-2.03.10/lib/metadata/lv_manip.c:6046:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(lvl->lv->name, format, &i) != 1)
data/lvm2-2.03.10/lib/metadata/lv_manip.c:6054:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(glvl->glv->historical->name, format, &i) != 1)
data/lvm2-2.03.10/lib/misc/lvm-exec.c:84:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], (char **) argv);
data/lvm2-2.03.10/lib/misc/lvm-exec.c:184:4: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], (char **) argv);
data/lvm2-2.03.10/lib/misc/lvm-flock.c:164:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_aux, file);
data/lvm2-2.03.10/lib/misc/lvm-flock.c:165:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(file_aux, AUX_LOCK_SUFFIX);
data/lvm2-2.03.10/lib/misc/lvm-string.c:30:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(*buffer, *size, fmt, ap);
data/lvm2-2.03.10/lib/misc/lvm-string.h:38:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/lib/report/report.c:1077:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(data_in, "@" FMTd64 ":@" FMTd64, &t1, &t2) != 2) {
data/lvm2-2.03.10/libdaemon/client/config-util.c:386:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf->mem + buf->used, string);
data/lvm2-2.03.10/libdaemon/server/daemon-server.h:174:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:71:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 0)))
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:86:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(out, f, ap);
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:100:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:116:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)))
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:122:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:347:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(ptr, "%llu %llu %s %n",
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1543:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, argv[i]);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1836:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 1, 2)))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1845:4: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(prompt, ap);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2355:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], args);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2532:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(FMTu64 " " FMTu64 " %s ", start, length, target_type);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6099:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Group ID changed from " FMTu64 " to " FMTu64,
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1058:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out, t->params);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1301:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(b, dmt->newname);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1306:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmsg->message, dmt->message);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1310:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(b, dmt->geometry);
data/lvm2-2.03.10/libdm/libdevmapper.h:67:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 5, 6)));
data/lvm2-2.03.10/libdm/libdevmapper.h:80:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 4, 5)));
data/lvm2-2.03.10/libdm/libdevmapper.h:2621:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 3, 4)));
data/lvm2-2.03.10/libdm/libdevmapper.h:2772:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)));
data/lvm2-2.03.10/libdm/libdevmapper.h:2774:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 0)));
data/lvm2-2.03.10/libdm/libdm-common.c:110:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 0)))
data/lvm2-2.03.10/libdm/libdm-common.c:133:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(out, f, ap);
data/lvm2-2.03.10/libdm/libdm-common.c:147:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/libdm/libdm-common.c:159:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)))
data/lvm2-2.03.10/libdm/libdm-common.c:180:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 5, 6)))
data/lvm2-2.03.10/libdm/libdm-common.c:190:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), f, ap);
data/lvm2-2.03.10/libdm/libdm-common.c:205:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 4, 5)))
data/lvm2-2.03.10/libdm/libdm-common.c:214:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), f, ap);
data/lvm2-2.03.10/libdm/libdm-common.c:537:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (!sscanf(&str[i+2], "%2x%s", &code, str_rest)) {
data/lvm2-2.03.10/libdm/libdm-common.c:1451:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*pos, str);
data/lvm2-2.03.10/libdm/libdm-common.c:1711:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(_default_uuid_prefix, uuid_prefix);
data/lvm2-2.03.10/libdm/libdm-common.c:1863:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, temp_buf);
data/lvm2-2.03.10/libdm/libdm-common.c:1884:7: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = (fscanf(fp, "%" PRIu32 ":%" PRIu32 , &ma, &mi) == 2) &&
data/lvm2-2.03.10/libdm/libdm-common.c:2033:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, name);
data/lvm2-2.03.10/libdm/libdm-config.c:235:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 2, 3)))
data/lvm2-2.03.10/libdm/libdm-config.c:249:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, sizeof(buf), fmt, ap);
data/lvm2-2.03.10/libdm/libdm-stats.c:921:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = sscanf(line, FMTu64 ": " FMTu64 "+" FMTu64 " " FMTu64 " %4095c",
data/lvm2-2.03.10/libdm/libdm-stats.c:1277:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = sscanf(row, FMTu64 "+" FMTu64 /* start+len */
data/lvm2-2.03.10/libdm/libdm-stats.c:5042:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], args);
data/lvm2-2.03.10/libdm/libdm-string.c:129:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, bufsize, format, ap);
data/lvm2-2.03.10/libdm/libdm-string.c:158:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(buf, size, format, ap);
data/lvm2-2.03.10/libdm/libdm-string.c:388:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dmuuid, "%s%s%s%s", uuid_prefix, lvid, (*layer) ? "-" : "", layer);
data/lvm2-2.03.10/libdm/libdm-string.c:555:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(size_buf, "0%s", include_suffix ? size_str[base + s][suffix_type] : "");
data/lvm2-2.03.10/libdm/libdm-targets.c:34:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
r = sscanf(params, FMTu64 "/" FMTu64 " " FMTu64,
data/lvm2-2.03.10/libdm/libdm-targets.c:123:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(params, "%s %u %s " FMTu64 "/" FMTu64,
data/lvm2-2.03.10/libdm/libdm-targets.c:150:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p, "%s " FMTu64, s->sync_action, &s->mismatch_count) != 2)
data/lvm2-2.03.10/libdm/libdm-targets.c:166:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p, FMTu64, &s->data_offset) != 1)
data/lvm2-2.03.10/libdm/libdm-targets.c:324:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(pp, "%s %d", s->policy_name, &s->policy_argc) != 2)
data/lvm2-2.03.10/libdm/libdm-targets.c:374:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(params, FMTu64 " " FMTu64 "/" FMTu64 " " FMTu64 "/" FMTu64 "%n",
data/lvm2-2.03.10/libdm/libdm-targets.c:442:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(params, FMTu64 " " FMTu64,
data/lvm2-2.03.10/libdm/libdm-targets.c:498:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(pos, FMTu64 "/" FMTu64 "%n",
data/lvm2-2.03.10/libdm/mm/dbg_malloc.c:52:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, str);
data/lvm2-2.03.10/libdm/regex/matcher.c:358:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
ptr += sprintf(ptr, "(.*(%s)%c)", patterns[i], TARGET_TRANS);
data/lvm2-2.03.10/scripts/generator-internals.c:37:68: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static void _error(const char *format, ...) __attribute__ ((format(printf, 1, 2)));
data/lvm2-2.03.10/scripts/generator-internals.c:78:7: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execv(cmd, (char *const *) argv) < 0)
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:35:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 1, 2)))
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:45:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = vsnprintf(message + 30, PATH_MAX, format, ap);
data/lvm2-2.03.10/test/lib/brick-shelltest.h:721:9: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp( "bash", "bash", "-noprofile", "-norc", filename.c_str(), NULL );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:800:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system( "echo t > /proc/sysrq-trigger 2> /dev/null" );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:851:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
<< timefmt( system ) << " sys " << std::setw( 3 ) << rss << "M RSS | "
data/lvm2-2.03.10/test/lib/harness.c:383:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(flavour, f);
data/lvm2-2.03.10/test/lib/harness.c:386:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(script, strchr(f, ':') + 1);
data/lvm2-2.03.10/test/lib/harness.c:388:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(script, f);
data/lvm2-2.03.10/test/lib/harness.c:391:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("bash", "bash", "-noprofile", "-norc", script, NULL);
data/lvm2-2.03.10/test/lib/harness.c:450:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("echo t > /proc/sysrq-trigger");
data/lvm2-2.03.10/test/lib/not.c:32:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = system("ls debug.log*${LVM_LOG_FILE_EPOCH}* 2>/dev/null");
data/lvm2-2.03.10/test/lib/not.c:36:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("sed -e 's,^,## DEBUG: ,' debug.log*${LVM_LOG_FILE_EPOCH}* 2>/dev/null")) {
data/lvm2-2.03.10/test/lib/not.c:40:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("rm -f debug.log*${LVM_LOG_FILE_EPOCH}*")) {
data/lvm2-2.03.10/test/lib/not.c:85:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[1], &argv[1]);
data/lvm2-2.03.10/test/unit/activation-generator_t.c:25:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, ap);
data/lvm2-2.03.10/test/unit/framework.c:15:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/lvm2-2.03.10/test/unit/framework.h:38:35: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((noreturn, format (printf, 1, 2)));
data/lvm2-2.03.10/tools/command.c:51:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(fmt "\n", ##args); \
data/lvm2-2.03.10/tools/command.c:54:21: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define dm_snprintf snprintf
data/lvm2-2.03.10/tools/lvchange.c:889:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pv_names[i], "%s:y", tmp_str);
data/lvm2-2.03.10/tools/lvchange.c:891:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pv_names[i], "%s", tmp_str);
data/lvm2-2.03.10/tools/lvconvert.c:398:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
sscanf(layer_name, format, &i) != 1) {
data/lvm2-2.03.10/tools/lvconvert.c:2440:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
(sscanf(trans_id_str + 13, FMTu64, &trans_id) == 1) &&
data/lvm2-2.03.10/tools/lvmcmdline.c:3313:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), DEFAULT_PROC_DIR "/%u/cmdline", pid);
data/lvm2-2.03.10/tools/lvmcmdline.c:3334:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), DEFAULT_PROC_DIR "/self/fd/%u", fd);
data/lvm2-2.03.10/tools/lvmcmdline.c:3579:7: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execvp(LVM_PATH, argv) == -1)
data/lvm2-2.03.10/daemons/cmirrord/clogd.c:53:16: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long (argc, argv, "fh", longopts, NULL)) != -1) {
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1845:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_ACTIVATION_ENV_VAR_NAME)) || strcmp(e, "1"))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1849:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_LISTEN_PID_ENV_VAR_NAME)))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1859:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_LISTEN_FDS_ENV_VAR_NAME)))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:2112:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((e = getenv(SD_ACTIVATION_ENV_VAR_NAME)) && strcmp(e, "1")))
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:2171:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "?fhVdlR")) != EOF) {
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:953:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_ABORT_ON_INTERNAL_ERRORS") ? : "0", "0");
data/lvm2-2.03.10/daemons/dmeventd/plugins/lvm2/dmeventd_lvm.c:161:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
!(env = getenv(cmd))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:640:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hqidE:D:w:k:r:S", long_options, &option_index);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6044:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
.pidfile = getenv("LVM_LVMLOCKD_PIDFILE"),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6045:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
.socket_path = getenv("LVM_LVMLOCKD_SOCKET"),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6074:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hVTfDp:s:l:g:S:I:A:o:",
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-core.c:926:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
.pidfile = getenv("LVM_LVMPOLLD_PIDFILE") ?: LVMPOLLD_PIDFILE,
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-core.c:930:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
.socket_path = getenv("LVM_LVMPOLLD_SOCKET") ?: LVMPOLLD_SOCKET,
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-core.c:933:16: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "fhVl:p:s:B:t:", long_options, &option_index)) != -1) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:93:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("DM_DISABLE_UDEV"))
data/lvm2-2.03.10/device_mapper/libdm-common.c:97:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv(DM_DEFAULT_NAME_MANGLING_MODE_ENV_VAR_NAME))) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:130:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_DEBUG_WITH_LINE_NUMBERS") ? : "0", "0");
data/lvm2-2.03.10/device_mapper/libdm-common.c:142:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_ABORT_ON_INTERNAL_ERRORS") ? : "0", "0");
data/lvm2-2.03.10/lib/commands/toolcontext.c:176:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((e = getenv("LVM_SYSTEM_DIR"))) {
data/lvm2-2.03.10/lib/commands/toolcontext.c:185:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (strcmp((getenv("LVM_RUN_BY_DMEVENTD") ? : "0"), "1") == 0)
data/lvm2-2.03.10/lib/commands/toolcontext.c:405:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("DM_DISABLE_UDEV")) {
data/lvm2-2.03.10/lib/commands/toolcontext.c:1460:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
lvmpolld_socket = getenv("LVM_LVMPOLLD_SOCKET");
data/lvm2-2.03.10/lib/locking/locking.c:133:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (file_locking_sysinit || getenv("LVM_SUPPRESS_LOCKING_FAILURE_MESSAGES"))
data/lvm2-2.03.10/lib/log/log.c:234:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("LVM_LOG_FILE_EPOCH"))) {
data/lvm2-2.03.10/lib/log/log.c:265:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv("LVM_LOG_FILE_MAX_LINES"))) {
data/lvm2-2.03.10/lib/log/log.c:299:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(env = getenv("LVM_EXPECTED_EXIT_STATUS")) &&
data/lvm2-2.03.10/lib/log/log.c:315:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("LVM_SUPPRESS_SYSLOG"))
data/lvm2-2.03.10/lib/log/log.c:512:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_str = getenv("DM_ABORT_ON_INTERNAL_ERRORS"))) {
data/lvm2-2.03.10/lib/lvmpolld/lvmpolld-client.c:140:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *e = getenv("LVM_SYSTEM_DIR");
data/lvm2-2.03.10/lib/lvmpolld/lvmpolld-client.c:207:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *e = getenv("LVM_SYSTEM_DIR");
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:194:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_ACTIVATION_ENV_VAR_NAME)) || strcmp(e, "1"))
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:198:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_LISTEN_PID_ENV_VAR_NAME)))
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:208:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(e = getenv(SD_LISTEN_FDS_ENV_VAR_NAME)))
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:93:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_ABORT_ON_INTERNAL_ERRORS") ? : "0", "0");
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:64:40: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
# define GETOPTLONG_FN(a, b, c, d, e) getopt_long((a), (b), (c), (d), (e))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:69:40: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
# define GETOPTLONG_FN(a, b, c, d, e) getopt((a), (b), (c))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1760:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(DM_UDEV_COOKIE_ENV_VAR_NAME);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7315:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
dev_dir = getenv(DM_DEV_DIR_ENV_VAR_NAME);
data/lvm2-2.03.10/libdm/libdm-common.c:91:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("DM_DISABLE_UDEV"))
data/lvm2-2.03.10/libdm/libdm-common.c:95:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env = getenv(DM_DEFAULT_NAME_MANGLING_MODE_ENV_VAR_NAME))) {
data/lvm2-2.03.10/libdm/libdm-common.c:128:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_DEBUG_WITH_LINE_NUMBERS") ? : "0", "0");
data/lvm2-2.03.10/libdm/libdm-common.c:140:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
strcmp(getenv("DM_ABORT_ON_INTERNAL_ERRORS") ? : "0", "0");
data/lvm2-2.03.10/test/lib/brick-shelltest.h:547:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
KMsg() : can_clear( strcmp(getenv("LVM_TEST_CAN_CLOBBER_DMESG") ? : "0", "0") ),
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1140:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *v = getenv( name );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1165:11: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if ( !realpath( p, temp ) )
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1248:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
split( getenv( "T" ), opt.filter );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1253:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
split( getenv( "S" ), opt.skip );
data/lvm2-2.03.10/test/lib/harness.c:430:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
(clobber_dmesg = strcmp(getenv("LVM_TEST_CAN_CLOBBER_DMESG") ? : "0", "0")))
data/lvm2-2.03.10/test/lib/harness.c:485:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((clobber_dmesg = strcmp(getenv("LVM_TEST_CAN_CLOBBER_DMESG") ? : "0", "0")))
data/lvm2-2.03.10/test/lib/harness.c:535:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *be_verbose = getenv("VERBOSE"),
data/lvm2-2.03.10/test/lib/harness.c:536:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
*be_interactive = getenv("INTERACTIVE"),
data/lvm2-2.03.10/test/lib/harness.c:537:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
*be_quiet = getenv("QUIET"),
data/lvm2-2.03.10/test/lib/harness.c:538:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
*be_write_timeout = getenv("WRITE_TIMEOUT");
data/lvm2-2.03.10/test/lib/harness.c:560:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
results = getenv("LVM_TEST_RESULTS") ? : "results";
data/lvm2-2.03.10/test/lib/harness.c:561:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
unlimited = getenv("LVM_TEST_UNLIMITED") ? 1 : 0;
data/lvm2-2.03.10/test/unit/bcache_utils_t.c:231:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return random();
data/lvm2-2.03.10/test/unit/bcache_utils_t.c:330:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint8_t val = random();
data/lvm2-2.03.10/test/unit/radix_tree_t.c:517:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/lvm2-2.03.10/test/unit/radix_tree_t.c:572:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/lvm2-2.03.10/tools/command.c:3592:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "ps", long_options, &option_index);
data/lvm2-2.03.10/tools/lvconvert.c:4139:66: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (strchr(lvname1_orig, '/') && !strchr(lvname2_orig, '/') && !getenv("LVM_VG_NAME")) {
data/lvm2-2.03.10/tools/lvm.c:146:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *e = getenv("HOME");
data/lvm2-2.03.10/tools/lvmcmdline.c:41:40: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
# define GETOPTLONG_FN(a, b, c, d, e) getopt_long((a), (b), (c), (d), (e))
data/lvm2-2.03.10/tools/lvmcmdline.c:48:40: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
# define GETOPTLONG_FN(a, b, c, d, e) getopt((a), (b), (c))
data/lvm2-2.03.10/tools/lvmcmdline.c:1530:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
getenv("LVM_VG_NAME"))) {
data/lvm2-2.03.10/tools/lvmcmdline.c:1532:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("LVM_VG_NAME"))
data/lvm2-2.03.10/tools/lvmcmdline.c:2667:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((env_cmd_profile_name = getenv(COMMAND_PROFILE_ENV_VAR_NAME))) {
data/lvm2-2.03.10/tools/lvmcmdline.c:2853:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
lvmlockd_socket = getenv("LVM_LVMLOCKD_SOCKET");
data/lvm2-2.03.10/tools/lvmcmdline.c:3286:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (!(str = getenv(env_var_name)))
data/lvm2-2.03.10/tools/lvmcmdline.c:3393:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("LVM_SUPPRESS_FD_WARNINGS"))
data/lvm2-2.03.10/tools/lvmcmdline.c:3576:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
!getenv("LVM_DID_EXEC")) {
data/lvm2-2.03.10/tools/toollib.c:420:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
vg_path = getenv("LVM_VG_NAME");
data/lvm2-2.03.10/base/data-struct/hash.c:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[0];
data/lvm2-2.03.10/base/data-struct/hash.c:67:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->key, str, len);
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:201:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pc->prefix, kb, len);
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:325:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n16->keys, n4->keys, sizeof(n4->keys));
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:326:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n16->values, n4->values, sizeof(n4->values));
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:572:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n4->keys, n16->keys, n16->nr_entries * sizeof(*n4->keys));
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:573:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n4->values, n16->values, n16->nr_entries * sizeof(*n4->values));
data/lvm2-2.03.10/base/data-struct/radix-tree-adaptive.c:662:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(root, &vc->child, sizeof(*root));
data/lvm2-2.03.10/daemons/cmirrord/clogd.c:175:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((devnull = open("/dev/null", O_RDWR)) == -1) {
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[CPG_MAX_NAME_LENGTH];
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugging[DEBUGGING_HISTORY][DEBUGGING_BUFLEN];
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:263:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rq_buffer[DM_ULOG_REQUEST_SIZE];
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:276:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, rq, sizeof(struct clog_request) + rq->u_rq.data_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:360:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(orig_rq, rq, sizeof(*rq) + rq->u_rq.data_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:661:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rq->u_rq.data, cp->sync_bits, cp->bitmap_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:664:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rq->u_rq.data + cp->bitmap_size, cp->clean_bits, cp->bitmap_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:667:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rq->u_rq.data + (cp->bitmap_size * 2), cp->recovering_region,
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1105:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_rq, rq, sizeof(*rq) + rq->u_rq.data_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1211:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_rq2, rq, sizeof(*rq) + rq->u_rq.data_size);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbuf[64] = { 0 };
data/lvm2-2.03.10/daemons/cmirrord/functions.c:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN];
data/lvm2-2.03.10/daemons/cmirrord/functions.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resync_history[RESYNC_HISTORY][RESYNC_BUFLEN];
data/lvm2-2.03.10/daemons/cmirrord/functions.c:187:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(disk, mem, sizeof(struct log_header));
data/lvm2-2.03.10/daemons/cmirrord/functions.c:192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, disk, sizeof(struct log_header));
data/lvm2-2.03.10/daemons/cmirrord/functions.c:258:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lc->clean_bits + 1, (char *)lc->disk_buffer + 1024, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:285:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)lc->disk_buffer + 1024, lc->clean_bits + 1, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:381:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[PATH_MAX];
data/lvm2-2.03.10/daemons/cmirrord/functions.c:501:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
r = open(disk_path, O_RDWR | O_DIRECT);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1445:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
r = sprintf(data, "1 clustered-core");
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1465:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
r = sprintf(data, "3 clustered-disk %d:%d %c",
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[128] = { 0 };
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1753:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf, "[%3d - %3d]", i, i+15);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1755:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf + strlen(outbuf), " %.2X", (unsigned char)buf[i]);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1785:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*buf, "%llu %u", (unsigned long long)lc->recovering_region,
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1811:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, lc->sync_bits + 1, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1819:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, lc->clean_bits + 1, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1874:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lc->sync_bits + 1, buf, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1883:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lc->clean_bits + 1, buf, bitset_size);
data/lvm2-2.03.10/daemons/cmirrord/local.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char recv_buf[2048];
data/lvm2-2.03.10/daemons/cmirrord/local.c:32:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char send_buf[2048];
data/lvm2-2.03.10/daemons/cmirrord/local.c:193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->data, data, out_size);
data/lvm2-2.03.10/daemons/cmirrord/logging.h:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __buffer[16]; \
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:569:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(message_data->events_str);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:572:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(message_data->timeout_str)
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:703:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->data, message_data->id, len);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:708:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(message, buffers[j], len);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1420:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDWR)) < 0) {
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1552:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 2 * sizeof(uint32_t), msg->data, msg->size);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1775:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(oom_adj_path, "w"))) {
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1967:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((open("/dev/null", O_RDONLY) < 0) ||
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1968:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(open("/dev/null", O_WRONLY) < 0) ||
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1969:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(open("/dev/null", O_WRONLY) < 0))
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drainbuf[128];
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:300:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 2 * sizeof(uint32_t), msg->data, msg->size);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:449:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fifos->client = open(fifos->client_path, O_WRONLY | O_NONBLOCK);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:508:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fifos->server = open(fifos->server_path, O_RDWR)) < 0) {
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:520:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fifos->client = open(fifos->client_path, O_RDWR | O_NONBLOCK)) < 0) {
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:735:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*evmask = atoi(p);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:862:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*version = atoi(p);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:998:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*timeout = atoi(p);
data/lvm2-2.03.10/daemons/dmeventd/plugins/mirror/dmeventd_mirror.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_lvconvert[512];
data/lvm2-2.03.10/daemons/dmeventd/plugins/raid/dmeventd_raid.c:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_lvconvert[512];
data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_lvextend[512];
data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *words[3];
data/lvm2-2.03.10/daemons/dmeventd/plugins/snapshot/dmeventd_snapshot.c:132:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(mounts = fopen(procmounts, "r"))) {
data/lvm2-2.03.10/daemons/dmeventd/plugins/thin/dmeventd_thin.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3];
data/lvm2-2.03.10/daemons/dmeventd/plugins/thin/dmeventd_thin.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[16];
data/lvm2-2.03.10/daemons/dmeventd/plugins/thin/dmeventd_thin.c:350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_str[PATH_MAX + 128 + 2]; /* cmd ' ' vg/lv \0 */
data/lvm2-2.03.10/daemons/dmeventd/plugins/vdo/dmeventd_vdo.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3];
data/lvm2-2.03.10/daemons/dmeventd/plugins/vdo/dmeventd_vdo.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[16];
data/lvm2-2.03.10/daemons/dmeventd/plugins/vdo/dmeventd_vdo.c:317:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_str[PATH_MAX + 128 + 2]; /* cmd ' ' vg/lv \0 */
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dump_buf[DUMP_BUF_SIZE+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_sysid[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_args[MAX_ARGS+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_type[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_type[4] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[4] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sh_count[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[4] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rt[4] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[4] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lm[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lm_rv[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_LINE] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_name[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_type[MAX_NAME+1] = { 0 };
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opts[32];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:484:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(opts, "wait ");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:486:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(opts, "force ");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:662:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wait_opt = atoi(optarg);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:159:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dump_buf[DUMP_BUF_SIZE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:223:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char log_dump[LOG_DUMP_SIZE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:327:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(log_buf + p, line, len);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LOG_LINE_SIZE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:395:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dump_buf, log_dump+log_point, tail_len);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:397:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dump_buf+tail_len, log_dump, log_point);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:400:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dump_buf, log_dump, log_point-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:781:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:809:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*major = atoi(major_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:811:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*minor = atoi(minor_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:813:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*patch = atoi(patch_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:837:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(adopt_file, "w")))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char adopt_line[512];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:872:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[72];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lm_type_str[16];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[8];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:882:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(adopt_file, "r")))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:905:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls->vg_uuid, vg_uuid, 64);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:1177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->lv_args, act->lv_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_name[MAX_NAME+5];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2770:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_name, "REM:", 4);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2849:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls_name, gl_lsname_dlm, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2851:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls_name, gl_lsname_sanlock, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3040:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3088:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_args[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3407:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_args[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vg_args, ls->vg_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3433:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vg_args, act->vg_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3446:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(act->lv_args, lv_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3768:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result_flags[128];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3806:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "NO_LOCKSPACES,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3811:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "NO_GL_LS,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3814:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "NO_GL_LS,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3824:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "NO_GL_LS,NO_LM");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3826:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "NO_GL_LS");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3831:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "DUP_GL_LS,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3834:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "WARN_GL_REMOVED,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3837:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result_flags, "SH_EXISTS,");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3984:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4878:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(act_un, act, sizeof(struct action));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5002:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _dm_uuid[DM_UUID_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5062:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[64];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[64];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5329:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls1->vg_uuid, ls2->vg_uuid, 64);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5330:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ls1->vg_args, ls2->vg_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5407:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(act->vg_uuid, ls->vg_uuid, 64);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5408:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(act->vg_args, ls->vg_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5831:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wake[1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6119:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
daemon_host_id = atoi(optarg);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6125:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sanlock_io_timeout = atoi(optarg);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:6128:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
adopt_opt = atoi(optarg);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:109:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(DLM_CLUSTER_NAME_PATH, O_RDONLY);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clustername[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_args_version[MAX_VERSION+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sys_clustername[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg_clustername[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:538:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&vb, lksb->sb_lvbptr, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:539:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdd->vb, &vb, sizeof(vb));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:571:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lksb->sb_lvbptr, rdd->vb, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:621:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&vb_prev, rdd->vb, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:622:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&vb_next, rdd->vb, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:640:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdd->vb, &vb_next, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:641:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lksb->sb_lvbptr, &vb_next, sizeof(struct val_blk));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:703:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ls_nodes_path[PATH_MAX];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:776:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sys_clustername[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[DLMC_RUN_COMMAND_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:796:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char run_uuid[DLMC_RUN_UUID_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[64];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_args[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_args[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_sysid[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME+1]; /* vg name or lv name */
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_args[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lm_data[0]; /* lock manager specific data */
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_name[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[64];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_args[MAX_ARGS+1]; /* lock manager specific args */
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_sysid[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:329:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EXTERN char gl_lsname_dlm[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-internal.h:330:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EXTERN char gl_lsname_sanlock[MAX_NAME+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:169:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(struct sanlk_resource) + sizeof(struct sanlk_disk)];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(struct sanlk_resource) + sizeof(struct sanlk_disk)];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offset_str[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_LINE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_str[MAX_LINE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val_str[MAX_LINE];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:283:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(daemon_host_id_file, "r");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:305:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
host_id = atoi(val_str);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:357:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:367:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*val = atoi(buf);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:474:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss.host_id_disk.path, path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_lv_name[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_args_version[MAX_VERSION+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:578:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss.host_id_disk.path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:609:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.lockspace_name, ss.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:611:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:624:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.lockspace_name, ss.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:626:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:658:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:660:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rd.rs.name, "#unused");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:700:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_lv_name[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:701:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_args_version[MAX_VERSION+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:834:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_lv_name[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:872:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss.host_id_disk.path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:916:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:941:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:969:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rd.rs.disks[0].path, disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1012:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rs->name, "#unused");
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strname[SANLK_NAME_LEN + 1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1174:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(strname, rd.rs.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock_lv_name[MAX_ARGS+1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1327:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lsname[SANLK_NAME_LEN + 1];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char disk_path[SANLK_PATH_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char killpath[SANLK_PATH_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1330:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char killargs[SANLK_PATH_LEN];
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1411:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lms->ss.name, lsname, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1612:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rds->rs.disks[0].path, lms->ss.host_id_disk.path, SANLK_PATH_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1928:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rds->vb, &vb, sizeof(vb));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2034:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rd1, rds, sizeof(struct rd_sanlock));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2035:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rd2, rds, sizeof(struct rd_sanlock));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2040:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(res2->name, "invalid_removed");
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pdlv, &tmp, sizeof(*pdlv));
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1024];
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.h:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/lvm2-2.03.10/device_mapper/all.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/device_mapper/all.h:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/device_mapper/all.h:988:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[8];
data/lvm2-2.03.10/device_mapper/all.h:1338:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((bs1) + 1, (bs2) + 1, ((*(bs2) / DM_BITS_PER_INT) + 1) * sizeof(int))
data/lvm2-2.03.10/device_mapper/all.h:1731:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char id[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/device_mapper/all.h:1733:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char heading[DM_REPORT_FIELD_TYPE_HEADING_LEN];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nm[256];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:202:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fl = fopen(file, "r"))) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:408:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((_control_fd = open(control, O_RDWR)) < 0) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:420:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[PATH_MAX];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libversion[64] = "", dmversion[64] = "";
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_uuid[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1058:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_sp, &sp, sp_size);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1760:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, buf, strlen(buf) + 1);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1767:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:2218:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, &new_info, offsetof(struct dm_info, deferred_remove));
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:2231:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, &new_info, offsetof(struct dm_info, internal_suspend));
data/lvm2-2.03.10/device_mapper/libdm-common.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _dm_dir[PATH_MAX] = DEV_DIR DM_DIR;
data/lvm2-2.03.10/device_mapper/libdm-common.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _sysfs_dir[PATH_MAX] = "/sys/";
data/lvm2-2.03.10/device_mapper/libdm-common.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _path0[PATH_MAX]; /* path buffer, safe 4kB on stack */
data/lvm2-2.03.10/device_mapper/libdm-common.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _default_uuid_prefix[DM_MAX_UUID_PREFIX_LEN + 1] = "LVM-";
data/lvm2-2.03.10/device_mapper/libdm-common.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * PATH_MAX + 256]; /* big enough for most messages */
data/lvm2-2.03.10/device_mapper/libdm-common.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * PATH_MAX + 256]; /* big enough for most messages */
data/lvm2-2.03.10/device_mapper/libdm-common.c:351:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[j], &str[i], 4);
data/lvm2-2.03.10/device_mapper/libdm-common.c:479:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[j], "\\x%02x", (unsigned char) str[i]);
data/lvm2-2.03.10/device_mapper/libdm-common.c:513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_rest[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:563:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_name[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:723:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:735:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:752:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:764:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:776:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_name[DM_NAME_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:824:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_uuid[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1043:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1096:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldpath[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newpath[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1214:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY, 0)) < 0)
data/lvm2-2.03.10/device_mapper/libdm-common.c:1223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1241:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(_path0, O_RDONLY, 0)) != -1) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1248:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*read_ahead = atoi(buf) * 2;
data/lvm2-2.03.10/device_mapper/libdm-common.c:1293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1321:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(_path0, O_WRONLY, 0)) != -1) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[0];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1745:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root[PATH_MAX + 1]; /* sscanf needs extra '\0' */
data/lvm2-2.03.10/device_mapper/libdm-common.c:1746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[PATH_MAX + 1];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2 * PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1799:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:1803:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(minfo = fopen(_mountinfo, "r"))) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1844:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(sysfs_path, "r"))) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1883:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/device_mapper/libdm-common.c:1899:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:2071:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:2094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_path[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:2148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel_dev_name[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:2166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel_dev_name[PATH_MAX];
data/lvm2-2.03.10/device_mapper/libdm-common.c:2509:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/urandom", O_RDONLY)) < 0) {
data/lvm2-2.03.10/device_mapper/libdm-config.c:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/lvm2-2.03.10/device_mapper/libdm-config.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char space[MAX_INDENT + 1];
data/lvm2-2.03.10/device_mapper/libdm-config.c:926:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, b, len);
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:69:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char target[16];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN + 32]; /* print buffer for device_name (major:minor) */
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_without_suffix[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:1553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2585:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char metadata[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2586:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin_dev[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cache_dev[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin_dev[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2745:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meta_dev[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2820:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pool[DM_FORMAT_DEV_BUFSIZE], metadata[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2850:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2851:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_dev[128]; // for /dev/dm-XXXX
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pool[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2890:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char external[DM_FORMAT_DEV_BUFSIZE + 1];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:2917:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char originbuf[DM_FORMAT_DEV_BUFSIZE], cowbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:3849:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&seg->writecache_settings, settings, sizeof(struct writecache_settings));
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:3892:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&seg->integrity_settings, settings, sizeof(struct integrity_settings));
data/lvm2-2.03.10/device_mapper/libdm-file.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/lvm2-2.03.10/device_mapper/libdm-file.c:150:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(lockfile, O_CREAT | O_WRONLY,
data/lvm2-2.03.10/device_mapper/libdm-file.c:244:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd = open(lockfile, O_RDONLY)) < 0)
data/lvm2-2.03.10/device_mapper/libdm-report.c:917:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-report.c:975:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-report.c:1074:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-report.c:1216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canonical_field[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/device_mapper/libdm-report.c:3523:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, v, len);
data/lvm2-2.03.10/device_mapper/libdm-targets.c:387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recalc_str[16] = "\0";
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DM_NAME_LEN]; /* device name */
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN]; /* unique identifier for
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[7]; /* padding or data */
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target_type[DM_MAX_TYPE_NAME];
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:206:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/device_mapper/misc/dm-ioctl.h:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[0];
data/lvm2-2.03.10/device_mapper/misc/dm-log-userspace.h:405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN];
data/lvm2-2.03.10/device_mapper/misc/dm-log-userspace.h:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[3]; /* Padding because DM_UUID_LEN = 129 */
data/lvm2-2.03.10/device_mapper/mm/pool-debug.c:249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->data, p->object->data, p->object->size);
data/lvm2-2.03.10/device_mapper/mm/pool-debug.c:255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)new->data + new_size - delta, extra, delta);
data/lvm2-2.03.10/device_mapper/mm/pool-fast.c:220:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->chunk->begin, c->begin, p->object_len);
data/lvm2-2.03.10/device_mapper/mm/pool-fast.c:233:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->begin + p->object_len, extra, delta);
data/lvm2-2.03.10/device_mapper/mm/pool.c:55:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, len);
data/lvm2-2.03.10/device_mapper/mm/pool.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, len);
data/lvm2-2.03.10/device_mapper/regex/parse_rx.c:543:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(left_cat, RIGHT(left_cat), sizeof(*left_cat));
data/lvm2-2.03.10/device_mapper/regex/parse_rx.c:544:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(right_cat, RIGHT(right_cat), sizeof(*right_cat));
data/lvm2-2.03.10/device_mapper/vdo/status.c:46:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char str[12];
data/lvm2-2.03.10/device_mapper/vdo/status.c:69:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char str[8];
data/lvm2-2.03.10/device_mapper/vdo/status.c:107:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char str[8];
data/lvm2-2.03.10/device_mapper/vdo/target.h:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[VDO_MAX_ERROR];
data/lvm2-2.03.10/lib/activate/activate.c:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char config_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/activate.c:549:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module[128];
data/lvm2-2.03.10/lib/activate/activate.c:553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/activate.c:1605:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/activate.c:2702:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/lvm2-2.03.10/lib/activate/dev_manager.c:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/lvm2-2.03.10/lib/activate/dev_manager.c:812:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_style_dlid[sizeof(UUID_PREFIX) + 2 * ID_LEN];
data/lvm2-2.03.10/lib/activate/dev_manager.c:1870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsn[80];
data/lvm2-2.03.10/lib/activate/dev_manager.c:2073:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/dev_manager.c:2198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = { 0 };
data/lvm2-2.03.10/lib/activate/dev_manager.c:2240:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[19] = { /* Max supported 15 args */
data/lvm2-2.03.10/lib/activate/dev_manager.c:2254:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(mpath, O_RDONLY)) < 0) {
data/lvm2-2.03.10/lib/activate/dev_manager.c:2403:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid.id[0], &lv->vg->id, sizeof(struct id));
data/lvm2-2.03.10/lib/activate/dev_manager.c:2405:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid.id[1],
data/lvm2-2.03.10/lib/activate/dev_manager.c:2687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errid[32];
data/lvm2-2.03.10/lib/activate/dev_manager.c:2707:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errid, "missing_%d_%d", segno, s);
data/lvm2-2.03.10/lib/activate/dev_manager.c:3198:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid_meta.id[0], &vg->id, sizeof(struct id));
data/lvm2-2.03.10/lib/activate/dev_manager.c:3199:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid_meta.id[1], lvseg->metadata_id ? : &pool_lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/lib/activate/dev_manager.c:3200:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid_data.id[0], &vg->id, sizeof(struct id));
data/lvm2-2.03.10/lib/activate/dev_manager.c:3201:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvid_data.id[1], lvseg->data_id ? : &pool_lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/lib/activate/dev_manager.c:3802:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dlid[sizeof(UUID_PREFIX) + sizeof(struct id) - 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/activate/dev_manager.c:3818:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dlid, UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
data/lvm2-2.03.10/lib/activate/dev_manager.c:3819:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dlid + sizeof(UUID_PREFIX) - 1, &vg->id.uuid[0], sizeof(vg->id));
data/lvm2-2.03.10/lib/activate/fs.c:39:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vg_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:70:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vg_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:90:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:127:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lv_path[PATH_MAX], link_path[PATH_MAX], lvm1_group_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:128:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vg_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lv_path[PATH_MAX];
data/lvm2-2.03.10/lib/activate/fs.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[0];
data/lvm2-2.03.10/lib/cache/lvmcache.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgid[ID_LEN + 1];
data/lvm2-2.03.10/lib/cache/lvmcache.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _padding[7];
data/lvm2-2.03.10/lib/cache/lvmcache.c:304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:426:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:462:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid_s[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid_s[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1282:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgid_str[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char other_str[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1708:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid_s[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1745:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid_s[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1921:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid_s[ID_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache/lvmcache.c:1922:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/cache_segtype/cache.c:317:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(s = fopen(_syms, "r")))
data/lvm2-2.03.10/lib/cache_segtype/cache.c:346:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char feature[12];
data/lvm2-2.03.10/lib/cache_segtype/cache.c:347:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char module[12]; /* check dm-%s */
data/lvm2-2.03.10/lib/cache_segtype/cache.c:348:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char ksymbol[12]; /* check for kernel symbol */
data/lvm2-2.03.10/lib/cache_segtype/cache.c:571:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/lvm2-2.03.10/lib/cache_segtype/cache.c:710:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&metadata_lvid.id[0], &seg->lv->vg->id, sizeof(struct id));
data/lvm2-2.03.10/lib/cache_segtype/cache.c:711:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&metadata_lvid.id[1], (seg->metadata_id) ? : &seg->pool_lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/lib/cache_segtype/cache.c:712:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_lvid.id[0], &seg->lv->vg->id, sizeof(struct id));
data/lvm2-2.03.10/lib/cache_segtype/cache.c:713:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_lvid.id[1], (seg->data_id) ? : &seg->pool_lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/lib/commands/toolcontext.c:92:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file, "r"))) {
data/lvm2-2.03.10/lib/commands/toolcontext.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filebuf[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.c:193:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char proc_mounts[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *split[4], buffer[PATH_MAX + 16];
data/lvm2-2.03.10/lib/commands/toolcontext.c:211:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(proc_mounts, "r"))) {
data/lvm2-2.03.10/lib/commands/toolcontext.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[26];
data/lvm2-2.03.10/lib/commands/toolcontext.c:572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_dir[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.c:815:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char config_file[PATH_MAX] = "";
data/lvm2-2.03.10/lib/commands/toolcontext.h:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _padding[1];
data/lvm2-2.03.10/lib/commands/toolcontext.h:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system_dir[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.h:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_dir[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.h:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_dir[PATH_MAX];
data/lvm2-2.03.10/lib/commands/toolcontext.h:232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char display_buffer[NAME_LEN * 10]; /* ring buffer for upto 10 longest vg/lv names */
data/lvm2-2.03.10/lib/config/config.c:687:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char actual_type_name[128];
data/lvm2-2.03.10/lib/config/config.c:688:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char expected_type_name[128];
data/lvm2-2.03.10/lib/config/config.c:1117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vp[CFG_PATH_MAX_LEN], rp[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1713:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[9]; /* 8+1 chars for max version of 7.15.511 */
data/lvm2-2.03.10/lib/config/config.c:1715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char commentline[MAX_COMMENT_LINE+1];
data/lvm2-2.03.10/lib/config/config.c:1806:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_path[CFG_PATH_MAX_LEN];
data/lvm2-2.03.10/lib/config/config.c:1807:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char summary[MAX_COMMENT_LINE+1];
data/lvm2-2.03.10/lib/config/config.c:1808:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[9];
data/lvm2-2.03.10/lib/config/config.c:1890:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if (!(baton.fp = fopen(file, "w"))) {
data/lvm2-2.03.10/lib/config/config.c:2283:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profile_path[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2344:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2362:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2396:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2413:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2431:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.c:2449:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[PATH_MAX];
data/lvm2-2.03.10/lib/config/config.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX]; /* subdir in LVM_SYSTEM_DIR where LVM looks for profiles */
data/lvm2-2.03.10/lib/datastruct/str_list.c:195:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, sl->str, len);
data/lvm2-2.03.10/lib/datastruct/str_list.c:199:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, delim, delim_len);
data/lvm2-2.03.10/lib/datastruct/str_list.c:234:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str_item, p1, len);
data/lvm2-2.03.10/lib/device/bcache-utils.c:71:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, ((unsigned char *) b->data) + block_offset, blen);
data/lvm2-2.03.10/lib/device/bcache-utils.c:167:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((unsigned char *) b->data) + offset, u->data, len);
data/lvm2-2.03.10/lib/device/bcache-utils.c:184:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b->data, u->data, block_size);
data/lvm2-2.03.10/lib/device/dev-cache.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[0];
data/lvm2-2.03.10/lib/device/dev-cache.c:236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p0[PATH_MAX], p1[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:360:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r"))) {
data/lvm2-2.03.10/lib/device/dev-cache.c:388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:465:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN];
data/lvm2-2.03.10/lib/device/dev-cache.c:540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devpath[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:541:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:926:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:977:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-cache.c:1513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-dasd.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4]; /* from discipline.name, 'none' for unknown */
data/lvm2-2.03.10/lib/device/dev-dasd.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char characteristics[64]; /* from read_device_characteristics */
data/lvm2-2.03.10/lib/device/dev-dasd.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configuration_data[256]; /* from read_configuration_data */
data/lvm2-2.03.10/lib/device/dev-io.c:351:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dev->fd = open(name, flags, 0777)) < 0) {
data/lvm2-2.03.10/lib/device/dev-io.c:356:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dev->fd = open(name, flags, 0777)) >= 0) {
data/lvm2-2.03.10/lib/device/dev-io.c:366:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dev->fd = open(name, flags, 0777)) >= 0) {
data/lvm2-2.03.10/lib/device/dev-luks.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LUKS_SIGNATURE_SIZE];
data/lvm2-2.03.10/lib/device/dev-lvm1-pool.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pl_pool_name[POOL_NAME_SIZE]; /* Name of pool */
data/lvm2-2.03.10/lib/device/dev-lvm1-pool.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pl_reserve[184]; /* bump the structure size out to 512 bytes */
data/lvm2-2.03.10/lib/device/dev-lvm1-pool.c:130:26: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define CPIN_8(x, y, z) {memcpy((x), (y), (z));}
data/lvm2-2.03.10/lib/device/dev-md.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsm_signature[IMSM_SIG_LEN];
data/lvm2-2.03.10/lib/device/dev-md.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid[24];
data/lvm2-2.03.10/lib/device/dev-md.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char revision[8];
data/lvm2-2.03.10/lib/device/dev-md.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[472];
data/lvm2-2.03.10/lib/device/dev-md.c:380:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX+1], buffer[MD_MAX_SYSFS_SIZE];
data/lvm2-2.03.10/lib/device/dev-md.c:388:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r"))) {
data/lvm2-2.03.10/lib/device/dev-md.c:434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char level_string[MD_MAX_SYSFS_SIZE];
data/lvm2-2.03.10/lib/device/dev-md.c:528:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version_string[MD_MAX_SYSFS_SIZE];
data/lvm2-2.03.10/lib/device/dev-swap.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/lvm2-2.03.10/lib/device/dev-type.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:55:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/lib/device/dev-type.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/lvm2-2.03.10/lib/device/dev-type.c:85:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/lib/device/dev-type.c:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[80];
data/lvm2-2.03.10/lib/device/dev-type.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_devices[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:132:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(pd = fopen(proc_devices, "r"))) {
data/lvm2-2.03.10/lib/device/dev-type.c:143:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
line_maj = atoi(line + i);
data/lvm2-2.03.10/lib/device/dev-type.c:356:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/lvm2-2.03.10/lib/device/dev-type.c:367:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/lib/device/dev-type.c:557:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_path[PATH_MAX];
data/lvm2-2.03.10/lib/device/dev-type.c:559:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/lvm2-2.03.10/lib/device/dev-type.c:622:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r"))) {
data/lvm2-2.03.10/lib/device/dev-type.c:655:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*fs_block_size = (uint32_t)atoi(block_size_str);
data/lvm2-2.03.10/lib/device/dev-type.c:935:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], buffer[64];
data/lvm2-2.03.10/lib/device/dev-type.c:975:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r"))) {
data/lvm2-2.03.10/lib/device/device-types.h:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char name[15];
data/lvm2-2.03.10/lib/device/device.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid[ID_LEN + 1]; /* if device is a PV */
data/lvm2-2.03.10/lib/device/device.h:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _padding[7];
data/lvm2-2.03.10/lib/display/display.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char str[14]; /* must be changed when size extends 13 chars */
data/lvm2-2.03.10/lib/display/display.c:117:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *_percent_types[7] = { "NONE", "VG", "FREE", "LV", "PVS", "ORIGIN" };
data/lvm2-2.03.10/lib/display/display.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:724:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/display/display.c:925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/lvm2-2.03.10/lib/filters/filter-composite.c:84:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filters_copy, filters, sizeof(*filters) * n);
data/lvm2-2.03.10/lib/filters/filter-mpath.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/filters/filter-mpath.c:89:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r"))) {
data/lvm2-2.03.10/lib/filters/filter-mpath.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], buffer[64];
data/lvm2-2.03.10/lib/filters/filter-mpath.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX], parent_name[PATH_MAX];
data/lvm2-2.03.10/lib/filters/filter-signature.c:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:29:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char path[32];
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:184:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file, "r"))) {
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[PATH_MAX];
data/lvm2-2.03.10/lib/filters/filter-sysfs.c:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sys_block[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/archive.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgname_found[64], *path;
data/lvm2-2.03.10/lib/format_text/archive.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_file[PATH_MAX], archive_name[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/archiver.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/archiver.c:282:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/archiver.c:550:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/archiver.c:613:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/export.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char white_space[MAX_INDENT + 1];
data/lvm2-2.03.10/lib/format_text/export.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/lvm2-2.03.10/lib/format_text/export.c:362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/lvm2-2.03.10/lib/format_text/export.c:437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/lvm2-2.03.10/lib/format_text/export.c:516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/format_text/export.c:528:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX * 2];
data/lvm2-2.03.10/lib/format_text/export.c:587:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2048];
data/lvm2-2.03.10/lib/format_text/export.c:706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/lvm2-2.03.10/lib/format_text/export.c:876:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[40];
data/lvm2-2.03.10/lib/format_text/export.c:949:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32], *uuid, *name;
data/lvm2-2.03.10/lib/format_text/format-text.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgnamebuf[NAME_LEN + 2] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/format_text/format-text.c:310:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&vgsummary_orphan.vgid, FMT_TEXT_ORPHAN_VG_NAME, sizeof(FMT_TEXT_ORPHAN_VG_NAME));
data/lvm2-2.03.10/lib/format_text/format-text.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[2048];
data/lvm2-2.03.10/lib/format_text/format-text.c:1364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_file[PATH_MAX], temp_dir[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/format-text.c:1454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_name[PATH_MAX];
data/lvm2-2.03.10/lib/format_text/format-text.c:1521:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[NAME_LEN + 1] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/format_text/format-text.c:1690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MDA_HEADER_SIZE] __attribute__((aligned(8))) = { 0 };
data/lvm2-2.03.10/lib/format_text/format-text.c:1863:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mdac_new, mdac, sizeof(*mdac));
data/lvm2-2.03.10/lib/format_text/import_vsn1.c:222:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pv->vgid, &vg->id, sizeof(vg->id));
data/lvm2-2.03.10/lib/format_text/text_label.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/format_text/text_label.c:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pvhdr->pv_uuid, &lvmcache_device(info)->pvid, sizeof(struct id));
data/lvm2-2.03.10/lib/label/hints.c:175:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _hint_line[HINT_LINE_LEN];
data/lvm2-2.03.10/lib/label/hints.c:224:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_newhints_file, "w")))
data/lvm2-2.03.10/lib/label/hints.c:235:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_nohints_file, "w")))
data/lvm2-2.03.10/lib/label/hints.c:246:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_hints_file, "w")))
data/lvm2-2.03.10/lib/label/hints.c:276:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_hints_file, "w"))) {
data/lvm2-2.03.10/lib/label/hints.c:313:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(_hints_file, O_RDWR);
data/lvm2-2.03.10/lib/label/hints.c:651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devpath[PATH_MAX];
data/lvm2-2.03.10/lib/label/hints.c:657:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *split[HINT_LINE_WORDS];
data/lvm2-2.03.10/lib/label/hints.c:670:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_hints_file, "r")))
data/lvm2-2.03.10/lib/label/hints.c:794:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(alloc_hint, &hint, sizeof(hint));
data/lvm2-2.03.10/lib/label/hints.c:873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devpath[PATH_MAX];
data/lvm2-2.03.10/lib/label/hints.c:909:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(_hints_file, "w"))) {
data/lvm2-2.03.10/lib/label/hints.c:1164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[NAME_LEN];
data/lvm2-2.03.10/lib/label/hints.h:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/lvm2-2.03.10/lib/label/hints.h:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid[ID_LEN + 1];
data/lvm2-2.03.10/lib/label/hints.h:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgname[NAME_LEN];
data/lvm2-2.03.10/lib/label/label.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/lib/label/label.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[LABEL_SIZE] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/label/label.c:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LABEL_SIZE] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/label/label.c:334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(label_buf, lh, LABEL_SIZE);
data/lvm2-2.03.10/lib/label/label.c:360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_buf[LABEL_SIZE] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/label/label.c:525:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(name, flags, 0777);
data/lvm2-2.03.10/lib/label/label.c:915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LABEL_SIZE] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/label/label.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[8];
data/lvm2-2.03.10/lib/locking/file_locking.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _lock_dir[PATH_MAX];
data/lvm2-2.03.10/lib/locking/file_locking.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfile[PATH_MAX];
data/lvm2-2.03.10/lib/locking/locking.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resource[258] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/locking/lvmlockd.c:384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/locking/lvmlockd.c:1084:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/locking/lvmlockd.c:2120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/locking/lvmlockd.c:2418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/locking/lvmlockd.c:2419:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/locking/lvmlockd.c:2493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/locking/lvmlockd.c:2562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/log/log.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _log_file_path[PATH_MAX];
data/lvm2-2.03.10/lib/log/log.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _msg_prefix[30] = " ";
data/lvm2-2.03.10/lib/log/log.c:243:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(st = fopen(statfile, "r")))
data/lvm2-2.03.10/lib/log/log.c:275:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(_log_file = fopen(log_file, append ? "a" : "w"))) {
data/lvm2-2.03.10/lib/log/log.c:300:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((env[0] == '>' && ret > atoi(env + 1)) ||
data/lvm2-2.03.10/lib/log/log.c:301:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(env) == ret))) {
data/lvm2-2.03.10/lib/log/log.c:429:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *log_context_names[LOG_REPORT_CONTEXT_COUNT] = {[LOG_REPORT_CONTEXT_NULL] = "",
data/lvm2-2.03.10/lib/log/log.c:438:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *log_object_type_names[LOG_REPORT_OBJECT_TYPE_COUNT] = {[LOG_REPORT_OBJECT_TYPE_NULL] = "",
data/lvm2-2.03.10/lib/log/log.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], message[4096];
data/lvm2-2.03.10/lib/log/log.c:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_prefix[32] = "";
data/lvm2-2.03.10/lib/log/log.c:572:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_lvm_errmsg + _lvm_errmsg_len, message, msglen + 1);
data/lvm2-2.03.10/lib/metadata/cache_manip.c:432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpool_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/integrity_manip.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char metaname[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/integrity_manip.c:310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/integrity_manip.c:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imeta_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/integrity_manip.c:689:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&seg_image->integrity_settings, settings, sizeof(struct integrity_settings));
data/lvm2-2.03.10/lib/metadata/lv.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extent_str[32];
data/lvm2-2.03.10/lib/metadata/lv.c:644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lvfullname[NAME_LEN * 2 + 2];
data/lvm2-2.03.10/lib/metadata/lv.c:1488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:1357:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newareas, seg->areas, seg->area_count * sizeof(*seg->areas));
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uniq_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4886:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_path[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4887:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size_buf[SIZE_BUF];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4888:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[FSADM_CMD_MAX_ARGS + 4];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:5793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:6190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:7247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:7577:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/lv_manip.c:7775:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vorigin_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/metadata-exported.h:580:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid[ID_LEN + 1];
data/lvm2-2.03.10/lib/metadata/metadata.c:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/metadata.c:352:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pv->vgid, &vg->id, sizeof(vg->id));
data/lvm2-2.03.10/lib/metadata/metadata.c:505:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vg_path[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/metadata.c:1171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/lib/metadata/metadata.c:1497:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pv->id, pva->idp, sizeof(*pva->idp));
data/lvm2-2.03.10/lib/metadata/metadata.c:2257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/metadata.c:2258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid2[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/metadata.c:3448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgid[ID_LEN + 1];
data/lvm2-2.03.10/lib/metadata/metadata.c:3557:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/metadata.c:4083:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, key, key_len);
data/lvm2-2.03.10/lib/metadata/metadata.c:4095:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char full_key[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/metadata.c:4143:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char full_key[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/metadata.c:4162:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char full_key[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/metadata.c:4205:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mda_new, mda, sizeof(*mda));
data/lvm2-2.03.10/lib/metadata/metadata.c:4974:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/mirror.c:236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/mirror.c:597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char layer_name[NAME_LEN], format[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/mirror.c:1136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/mirror.c:1494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/pool_manip.c:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/pool_manip.c:746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/pool_manip.c:775:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/pv_list.c:184:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pvl, pvl, sizeof(*new_pvl));
data/lvm2-2.03.10/lib/metadata/pv_list.c:285:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_pvl, pvl, sizeof(*new_pvl));
data/lvm2-2.03.10/lib/metadata/pv_manip.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/lib/metadata/raid_manip.c:956:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAME_LEN], *lvname;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char img_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/raid_manip.c:2721:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_areas, seg->areas, seg->area_count * sizeof(*seg->areas));
data/lvm2-2.03.10/lib/metadata/raid_manip.c:2731:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_areas, seg->meta_areas,
data/lvm2-2.03.10/lib/metadata/raid_manip.c:5017:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sfx[SLV_COUNT] = { NULL, NULL };
data/lvm2-2.03.10/lib/metadata/raid_manip.c:5183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res_str[30];
data/lvm2-2.03.10/lib/metadata/raid_manip.c:6751:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tmp_names[raid_seg->area_count * 2];
data/lvm2-2.03.10/lib/metadata/raid_manip.c:6752:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_name_buf[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[64];
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:138:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) < 0) {
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_args[5][128];
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256]; /* buffer for short disk header (64B) */
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:232:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[19] = { /* Max supported args */
data/lvm2-2.03.10/lib/metadata/writecache_manip.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvol_name[NAME_LEN];
data/lvm2-2.03.10/lib/metadata/writecache_manip.c:399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/lvm2-2.03.10/lib/metadata/writecache_manip.c:416:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list_item, buf, len);
data/lvm2-2.03.10/lib/mirror/mirrored.c:400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsn[80];
data/lvm2-2.03.10/lib/misc/lvm-exec.c:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX * 2];
data/lvm2-2.03.10/lib/misc/lvm-exec.c:121:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((null_fd = open("/dev/null", O_RDWR)) == -1) {
data/lvm2-2.03.10/lib/misc/lvm-exec.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX * 2];
data/lvm2-2.03.10/lib/misc/lvm-file.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[255];
data/lvm2-2.03.10/lib/misc/lvm-file.c:44:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hostname, "nohostname");
data/lvm2-2.03.10/lib/misc/lvm-file.c:61:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fd = open(buffer, O_CREAT | O_EXCL | O_WRONLY | O_APPEND,
data/lvm2-2.03.10/lib/misc/lvm-file.c:185:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(dir, O_RDONLY)) == -1) {
data/lvm2-2.03.10/lib/misc/lvm-file.c:231:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((lockfd = open(file, O_RDWR | O_CREAT, 0777)) < 0) {
data/lvm2-2.03.10/lib/misc/lvm-flock.c:119:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*fd = open(file, O_CREAT | O_APPEND | O_RDWR, 0777)) < 0) {
data/lvm2-2.03.10/lib/misc/lvm-globals.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _log_command_info[40] = "";
data/lvm2-2.03.10/lib/misc/lvm-globals.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _log_command_file[40] = "";
data/lvm2-2.03.10/lib/misc/lvm-globals.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _cmd_name[30] = "none";
data/lvm2-2.03.10/lib/misc/lvm-globals.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _sysfs_dir_path[PATH_MAX] = "";
data/lvm2-2.03.10/lib/misc/lvm-wrappers.c:108:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/urandom", O_RDONLY)) < 0) {
data/lvm2-2.03.10/lib/mm/memlock.c:143:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _procselfmaps[PATH_MAX] = "";
data/lvm2-2.03.10/lib/mm/memlock.c:166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *areas[max_areas];
data/lvm2-2.03.10/lib/mm/memlock.c:535:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(_maps_fd = open(_procselfmaps, O_RDONLY))) {
data/lvm2-2.03.10/lib/raid/raid.c:589:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char name[12];
data/lvm2-2.03.10/lib/report/report.c:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/lib/report/report.c:2011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NAME_LEN + strlen(HISTORICAL_LV_PREFIX) + 1];
data/lvm2-2.03.10/lib/report/report.c:2104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/lib/report/report.c:4361:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dummy_device.pvid, &pv->id, ID_LEN);
data/lvm2-2.03.10/lib/thin/thin.c:794:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char name[16];
data/lvm2-2.03.10/lib/uuid/uuid.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _inverse_c[256];
data/lvm2-2.03.10/lib/uuid/uuid.c:33:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lvid->id, vgid, sizeof(*lvid->id));
data/lvm2-2.03.10/lib/uuid/uuid.c:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lvid->id, vgid, sizeof(*lvid->id));
data/lvm2-2.03.10/lib/uuid/uuid.c:180:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, id->uuid + tot, group_size[i]);
data/lvm2-2.03.10/lib/uuid/uuid.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2 * sizeof(struct id) + 1 + 7];
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:110:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(oom_adj_path, "w"))) {
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:335:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/null", O_RDWR)) == -1) {
data/lvm2-2.03.10/libdm/datastruct/hash.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[0];
data/lvm2-2.03.10/libdm/datastruct/hash.c:65:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->key, str, len);
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deleted_path[PATH_MAX + sizeof(PROC_FD_DELETED_STR)];
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_buf[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:446:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (((fm->fd = open(fm->path, O_RDONLY)) < 0) && tries)
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(struct inotify_event) + NAME_MAX + 1]
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_buf[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:574:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(fm->path, O_RDONLY)) < 0)
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:609:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(link_buf, O_RDONLY)) < 0)
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:662:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((open("/dev/null", O_RDONLY) < 0) ||
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:663:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(open("/dev/null", O_WRONLY) < 0) ||
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:664:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(open("/dev/null", O_WRONLY) < 0)) {
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:781:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if (fm->deleted && open)
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:138:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char name[14];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:256:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *_string_args[NUM_SWITCHES];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ttype[LINE_SIZE], *ptr, *comment;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:393:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file, "r"))) {
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:519:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(uuid_prefix, uuid, len);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fields[5] = { NULL }; /* name,uuid,minor,flags,table */
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1350:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[MINOR_ARG] = atoi(fields[2]);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1936:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char otime_str[26], ctime_str[26];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1976:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[80];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2100:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(argc) ? (uint32_t) atoi(argv[argc - 1]) : 0, 1);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2310:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2311:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *args[ARGS_MAX + 1];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2669:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2742:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2985:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[5];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX], *repstr;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_MAX_TYPE_NAME], *repstr;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX], *repstr;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4072:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4384:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4744:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
options = (char *) ((_switches[VERBOSE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4748:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
options = (char *) ((_switches[VERBOSE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4753:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
options = (char *) ((_switches[RELATIVE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5441:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(abspath, O_RDONLY);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6054:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(abspath, O_RDONLY);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6614:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDWR);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6618:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(file, O_RDONLY);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6692:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
offset = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6943:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[MAJOR_ARG] = atoi((*argvp)[1]);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6944:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[MINOR_ARG] = atoi((*argvp)[2]);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6988:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[AREAS_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7032:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[MAJOR_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7040:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[MINOR_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7064:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[REGION_ID_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7104:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[COUNT_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7124:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[GID_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7130:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[GROUP_ID_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7134:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[UID_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7163:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[INTERVAL_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:7206:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_int_args[READAHEAD_ARG] = atoi(optarg);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nm[256];
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:201:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fl = fopen(file, "r"))) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:407:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((_control_fd = open(control, O_RDWR)) < 0) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:419:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[PATH_MAX];
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:574:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libversion[64] = "", dmversion[64] = "";
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_uuid[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1066:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_sp, &sp, sp_size);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1760:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, buf, strlen(buf) + 1);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1767:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:2222:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, &new_info, offsetof(struct dm_info, deferred_remove));
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:2235:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info, &new_info, offsetof(struct dm_info, internal_suspend));
data/lvm2-2.03.10/libdm/libdevmapper.h:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/libdm/libdevmapper.h:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/libdm/libdevmapper.h:2263:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((bs1) + 1, (bs2) + 1, ((*(bs2) / DM_BITS_PER_INT) + 1) * sizeof(int))
data/lvm2-2.03.10/libdm/libdevmapper.h:2949:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char id[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/libdm/libdevmapper.h:2951:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char heading[DM_REPORT_FIELD_TYPE_HEADING_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _dm_dir[PATH_MAX] = DEV_DIR DM_DIR;
data/lvm2-2.03.10/libdm/libdm-common.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _sysfs_dir[PATH_MAX] = "/sys/";
data/lvm2-2.03.10/libdm/libdm-common.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _path0[PATH_MAX]; /* path buffer, safe 4kB on stack */
data/lvm2-2.03.10/libdm/libdm-common.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _default_uuid_prefix[DM_MAX_UUID_PREFIX_LEN + 1] = "LVM-";
data/lvm2-2.03.10/libdm/libdm-common.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * PATH_MAX + 256]; /* big enough for most messages */
data/lvm2-2.03.10/libdm/libdm-common.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * PATH_MAX + 256]; /* big enough for most messages */
data/lvm2-2.03.10/libdm/libdm-common.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:452:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[j], &str[i], 4);
data/lvm2-2.03.10/libdm/libdm-common.c:477:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&buf[j], "\\x%02x", (unsigned char) str[i]);
data/lvm2-2.03.10/libdm/libdm-common.c:511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_rest[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_name[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:733:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:750:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:774:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_name[DM_NAME_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:822:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_uuid[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/libdm-common.c:1041:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldpath[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newpath[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1212:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY, 0)) < 0)
data/lvm2-2.03.10/libdm/libdm-common.c:1221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/lvm2-2.03.10/libdm/libdm-common.c:1239:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(_path0, O_RDONLY, 0)) != -1) {
data/lvm2-2.03.10/libdm/libdm-common.c:1246:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*read_ahead = atoi(buf) * 2;
data/lvm2-2.03.10/libdm/libdm-common.c:1291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24];
data/lvm2-2.03.10/libdm/libdm-common.c:1319:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(_path0, O_WRONLY, 0)) != -1) {
data/lvm2-2.03.10/libdm/libdm-common.c:1446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[0];
data/lvm2-2.03.10/libdm/libdm-common.c:1743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root[PATH_MAX + 1]; /* sscanf needs extra '\0' */
data/lvm2-2.03.10/libdm/libdm-common.c:1744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[PATH_MAX + 1];
data/lvm2-2.03.10/libdm/libdm-common.c:1796:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2 * PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1797:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:1801:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(minfo = fopen(_mountinfo, "r"))) {
data/lvm2-2.03.10/libdm/libdm-common.c:1842:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(sysfs_path, "r"))) {
data/lvm2-2.03.10/libdm/libdm-common.c:1881:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(path, "r")))
data/lvm2-2.03.10/libdm/libdm-common.c:1898:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:2070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:2093:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfs_path[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:2147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel_dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:2165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kernel_dev_name[PATH_MAX];
data/lvm2-2.03.10/libdm/libdm-common.c:2508:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/urandom", O_RDONLY)) < 0) {
data/lvm2-2.03.10/libdm/libdm-config.c:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/lvm2-2.03.10/libdm/libdm-config.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char space[MAX_INDENT + 1];
data/lvm2-2.03.10/libdm/libdm-config.c:926:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, b, len);
data/lvm2-2.03.10/libdm/libdm-deptree.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char target[16];
data/lvm2-2.03.10/libdm/libdm-deptree.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DM_NAME_LEN + 32]; /* print buffer for device_name (major:minor) */
data/lvm2-2.03.10/libdm/libdm-deptree.c:568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_without_suffix[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/libdm-deptree.c:1435:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2423:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char metadata[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pool[DM_FORMAT_DEV_BUFSIZE], metadata[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pool[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char external[DM_FORMAT_DEV_BUFSIZE + 1];
data/lvm2-2.03.10/libdm/libdm-deptree.c:2541:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char originbuf[DM_FORMAT_DEV_BUFSIZE], cowbuf[DM_FORMAT_DEV_BUFSIZE];
data/lvm2-2.03.10/libdm/libdm-file.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/lvm2-2.03.10/libdm/libdm-file.c:149:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(lockfile, O_CREAT | O_WRONLY,
data/lvm2-2.03.10/libdm/libdm-file.c:243:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fd = open(lockfile, O_RDONLY)) < 0)
data/lvm2-2.03.10/libdm/libdm-report.c:917:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/libdm/libdm-report.c:975:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/libdm/libdm-report.c:1074:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_canon[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/libdm/libdm-report.c:1216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canonical_field[DM_REPORT_FIELD_TYPE_ID_LEN];
data/lvm2-2.03.10/libdm/libdm-report.c:3523:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, v, len);
data/lvm2-2.03.10/libdm/libdm-stats.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[STATS_ROW_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:145:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(comm = fopen(PROC_SELF_COMM, "r")))
data/lvm2-2.03.10/libdm/libdm-stats.c:990:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[STATS_ROW_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:1096:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:1227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char row[STATS_ROW_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:1887:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:1931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN], range[RANGE_LEN], *endptr = NULL;
data/lvm2-2.03.10/libdm/libdm-stats.c:2073:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:2162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:2189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[STATS_MSG_BUF_LEN], lines[RANGE_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:3679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bound_buf[BOUNDS_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:3739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BOUNDS_LEN], bounds_buf[BOUNDS_LEN];
data/lvm2-2.03.10/libdm/libdm-stats.c:4952:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fd_str[8], group_str[8], fg_str[2], verb_str[2];
data/lvm2-2.03.10/libdm/libdm-stats.c:4954:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[NR_FILEMAPD_ARGS + 1];
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DM_NAME_LEN]; /* device name */
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN]; /* unique identifier for
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[7]; /* padding or data */
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target_type[DM_MAX_TYPE_NAME];
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:206:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[0];
data/lvm2-2.03.10/libdm/misc/dm-ioctl.h:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[0];
data/lvm2-2.03.10/libdm/misc/dm-log-userspace.h:405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[DM_UUID_LEN];
data/lvm2-2.03.10/libdm/misc/dm-log-userspace.h:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[3]; /* Padding because DM_UUID_LEN = 129 */
data/lvm2-2.03.10/libdm/mm/dbg_malloc.c:213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r, p, mb->length);
data/lvm2-2.03.10/libdm/mm/dbg_malloc.c:224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/lvm2-2.03.10/libdm/mm/pool-debug.c:249:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->data, p->object->data, p->object->size);
data/lvm2-2.03.10/libdm/mm/pool-debug.c:255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)new->data + new_size - delta, extra, delta);
data/lvm2-2.03.10/libdm/mm/pool-fast.c:219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->chunk->begin, c->begin, p->object_len);
data/lvm2-2.03.10/libdm/mm/pool-fast.c:232:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c->begin + p->object_len, extra, delta);
data/lvm2-2.03.10/libdm/mm/pool.c:55:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, len);
data/lvm2-2.03.10/libdm/mm/pool.c:68:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, len);
data/lvm2-2.03.10/libdm/regex/parse_rx.c:543:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(left_cat, RIGHT(left_cat), sizeof(*left_cat));
data/lvm2-2.03.10/libdm/regex/parse_rx.c:544:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(right_cat, RIGHT(right_cat), sizeof(*right_cat));
data/lvm2-2.03.10/scripts/generator-internals.c:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:26:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_kmsg_fd = open(KMSG_DEV_PATH, O_WRONLY | O_NOCTTY);
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[PATH_MAX + 30]; /* +3 for '<n>' where n is the log level and +27 for lvm2-activation-generator: " prefix */
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit_path[PATH_MAX];
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target_path[PATH_MAX];
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:127:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(gen->unit_path, "wxe"))) {
data/lvm2-2.03.10/test/lib/brick-shelltest.h:112:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open( n.c_str(), O_WRONLY );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:452:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file.c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0644 );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:454:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0644 );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:484:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ 128 * 1024 ];
data/lvm2-2.03.10/test/lib/brick-shelltest.h:529:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file.c_str(), O_RDONLY | O_CLOEXEC | O_NONBLOCK );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:531:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open( file.c_str(), O_RDONLY | O_NONBLOCK );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:561:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( fd = open(read_msg, O_RDONLY | O_NONBLOCK)) < 0 ) {
data/lvm2-2.03.10/test/lib/brick-shelltest.h:581:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ buffer_size ];
data/lvm2-2.03.10/test/lib/brick-shelltest.h:708:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int devnull = ::open( "/dev/null", O_RDONLY );
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[PATH_MAX];
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1304:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt.timeout = atoi( args.opt( "--timeout" ).c_str() );
data/lvm2-2.03.10/test/lib/dmsecuretest.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table[300];
data/lvm2-2.03.10/test/lib/harness.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char testdirdebug[PATH_MAX];
data/lvm2-2.03.10/test/lib/harness.c:193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(readbuf + readbuf_used, buf, len);
data/lvm2-2.03.10/test/lib/harness.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp_buf[32]; /* Bigger to always fit both numbers */
data/lvm2-2.03.10/test/lib/harness.c:234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * 1024 * 1024 + 1]; /* try to capture large sysrq trace */
data/lvm2-2.03.10/test/lib/harness.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024 * 1024 + 1];
data/lvm2-2.03.10/test/lib/harness.c:287:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/lvm2-2.03.10/test/lib/harness.c:290:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int p = sprintf(buf, "%2d:%02d", t / 60, t % 60);
data/lvm2-2.03.10/test/lib/harness.c:293:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + p, " %2ld:%02ld.%03ld/%ld:%02ld.%03ld%5ld%8ld/%ld",
data/lvm2-2.03.10/test/lib/harness.c:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flavour[512], script[512];
data/lvm2-2.03.10/test/lib/harness.c:398:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/lvm2-2.03.10/test/lib/harness.c:399:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outpath[PATH_MAX];
data/lvm2-2.03.10/test/lib/harness.c:419:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(outfile = fopen(outpath, "w")))
data/lvm2-2.03.10/test/lib/harness.c:423:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd_kmsg = open("/dev/kmsg", O_RDONLY | O_NONBLOCK)) < 0) {
data/lvm2-2.03.10/test/lib/harness.c:501:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(fd_debuglog = open(testdirdebug, O_RDONLY)) != -1) {
data/lvm2-2.03.10/test/lib/harness.c:533:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char results_list[PATH_MAX];
data/lvm2-2.03.10/test/lib/harness.c:549:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
verbose = atoi(be_verbose);
data/lvm2-2.03.10/test/lib/harness.c:552:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
interactive = atoi(be_interactive);
data/lvm2-2.03.10/test/lib/harness.c:555:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
quiet = atoi(be_quiet);
data/lvm2-2.03.10/test/lib/harness.c:558:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
write_timeout = atoi(be_write_timeout) * 2;
data/lvm2-2.03.10/test/lib/harness.c:605:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((list = fopen(results_list, "w"))) {
data/lvm2-2.03.10/test/unit/activation-generator_t.c:179:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(path, "w");
data/lvm2-2.03.10/test/unit/bcache_utils_t.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[32];
data/lvm2-2.03.10/test/unit/bcache_utils_t.c:68:10: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
f->fd = mkstemp(f->fname);
data/lvm2-2.03.10/test/unit/bcache_utils_t.c:80:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f->fd = open(f->fname, O_RDWR | O_DIRECT);
data/lvm2-2.03.10/test/unit/io_engine_t.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[64];
data/lvm2-2.03.10/test/unit/io_engine_t.c:89:10: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
f->fd = mkstemp(f->fname);
data/lvm2-2.03.10/test/unit/io_engine_t.c:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_out[32];
data/lvm2-2.03.10/test/unit/io_engine_t.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_in[32];
data/lvm2-2.03.10/test/unit/percent_t.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/test/unit/percent_t.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/lvm2-2.03.10/test/unit/string_t.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(st)];
data/lvm2-2.03.10/tools/command.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char long_name[MAX_LONG_OPT_NAME_LEN];
data/lvm2-2.03.10/tools/command.c:488:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LVTYPE_LEN];
data/lvm2-2.03.10/tools/command.c:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:631:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:671:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:704:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
def->num = (uint64_t)atoi(name);
data/lvm2-2.03.10/tools/command.c:802:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[OO_NAME_LEN];
data/lvm2-2.03.10/tools/command.c:828:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line_argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:1084:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line_argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:1174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line_argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:1398:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_LINE];
data/lvm2-2.03.10/tools/command.c:1399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_orig[MAX_LINE];
data/lvm2-2.03.10/tools/command.c:1400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line_argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:1429:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line_orig, line, sizeof(line));
data/lvm2-2.03.10/tools/command.c:1692:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_LINE] = {0};
data/lvm2-2.03.10/tools/command.c:2219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *line_argv[MAX_LINE_ARGC];
data/lvm2-2.03.10/tools/command.c:2391:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char long_opt_name[LONG_OPT_NAME_LEN];
data/lvm2-2.03.10/tools/command.c:2986:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DESC_LINE];
data/lvm2-2.03.10/tools/command.c:3308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DESC_LINE] = {0};
data/lvm2-2.03.10/tools/command.c:3346:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str_upper[32];
data/lvm2-2.03.10/tools/command.c:3366:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(des_file, O_RDONLY)) < 0) {
data/lvm2-2.03.10/tools/command.h:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _padding[7];
data/lvm2-2.03.10/tools/lvchange.c:1439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char snaps_msg[128];
data/lvm2-2.03.10/tools/lvconvert.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_full_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:379:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[NAME_LEN], layer_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:1174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raidlv_name[len + 1];
data/lvm2-2.03.10/tools/lvconvert.c:1877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvol_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:1950:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:2334:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[MAX_PDATA_ARGS + 7]; /* Max supported args */
data/lvm2-2.03.10/tools/lvconvert.c:2336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meta_path[PATH_MAX];
data/lvm2-2.03.10/tools/lvconvert.c:2337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pms_path[PATH_MAX];
data/lvm2-2.03.10/tools/lvconvert.c:2532:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[MAX_PDATA_ARGS + 7]; /* Max supported args */
data/lvm2-2.03.10/tools/lvconvert.c:2534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meta_path[PATH_MAX];
data/lvm2-2.03.10/tools/lvconvert.c:2535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pms_path[PATH_MAX];
data/lvm2-2.03.10/tools/lvconvert.c:2858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meta_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:3013:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char meta_name[NAME_LEN]; /* generated sub lv name */
data/lvm2-2.03.10/tools/lvconvert.c:3014:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_name[NAME_LEN]; /* generated sub lv name */
data/lvm2-2.03.10/tools/lvconvert.c:3015:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char converted_names[3*NAME_LEN]; /* preserve names of converted lv */
data/lvm2-2.03.10/tools/lvconvert.c:3070:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lockd_data_id, &lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/tools/lvconvert.c:3109:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lockd_meta_id, &metadata_lv->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/tools/lvconvert.c:3494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvol_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:3526:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lockd_fast_id, &lv_fast->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/tools/lvconvert.c:4269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvname[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:4270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:4275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *dev_argv[MAX_CACHEDEVS];
data/lvm2-2.03.10/tools/lvconvert.c:5595:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&seg->writecache_settings, settings, sizeof(struct writecache_settings));
data/lvm2-2.03.10/tools/lvconvert.c:5611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[PATH_MAX];
data/lvm2-2.03.10/tools/lvconvert.c:5786:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cvol_name[NAME_LEN];
data/lvm2-2.03.10/tools/lvconvert.c:5880:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lockd_fast_id, &lv_fast->lvid.id[1], sizeof(struct id));
data/lvm2-2.03.10/tools/lvcreate.c:1596:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NAME_LEN + 128];
data/lvm2-2.03.10/tools/lvm.c:94:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[3];
data/lvm2-2.03.10/tools/lvm.c:100:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "-%c", c);
data/lvm2-2.03.10/tools/lvm.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hist_file[PATH_MAX];
data/lvm2-2.03.10/tools/lvm.c:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hist_file[PATH_MAX];
data/lvm2-2.03.10/tools/lvmcmdlib.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[MAX_ARGS], **argv, *cmdcopy = NULL;
data/lvm2-2.03.10/tools/lvmcmdline.c:1644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opts_msg[MAX_OPTS_MSG];
data/lvm2-2.03.10/tools/lvmcmdline.c:1645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char check_opts_msg[MAX_OPTS_MSG];
data/lvm2-2.03.10/tools/lvmcmdline.c:2190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[((ARG_COUNT + 1) * 2) + 1], *ptr = str;
data/lvm2-2.03.10/tools/lvmcmdline.c:2352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vsn[80];
data/lvm2-2.03.10/tools/lvmcmdline.c:3247:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
!(stdin = fopen(_PATH_DEVNULL, "r"))) {
data/lvm2-2.03.10/tools/lvmcmdline.c:3257:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
!(stdout = fopen(_PATH_DEVNULL, "w"))) {
data/lvm2-2.03.10/tools/lvmcmdline.c:3265:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
!(stderr = fopen(_PATH_DEVNULL, "w"))) {
data/lvm2-2.03.10/tools/lvmcmdline.c:3309:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _proc_cmdline[32];
data/lvm2-2.03.10/tools/lvmcmdline.c:3310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/lvm2-2.03.10/tools/lvmcmdline.c:3315:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(buf, O_RDONLY)) >= 0) {
data/lvm2-2.03.10/tools/lvmcmdline.c:3330:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char filename[PATH_MAX];
data/lvm2-2.03.10/tools/lvmcmdline.c:3331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32]; /* Assumes short DEFAULT_PROC_DIR */
data/lvm2-2.03.10/tools/lvmcmdline.c:3420:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fd = atoi(dirent->d_name);
data/lvm2-2.03.10/tools/lvmcmdline.c:3479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CMD_LEN];
data/lvm2-2.03.10/tools/lvmcmdline.c:3484:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((script = fopen(script_file, "r")) == NULL)
data/lvm2-2.03.10/tools/pvchange.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/pvchange.c:150:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pv->old_id, &pv->id, sizeof(pv->id));
data/lvm2-2.03.10/tools/pvck.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgid_str[ID_STR_SIZE];
data/lvm2-2.03.10/tools/pvck.c:120:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ret = sprintf(tmp+off, "%x", *i & 0xFF);
data/lvm2-2.03.10/tools/pvck.c:125:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, tmp, 256);
data/lvm2-2.03.10/tools/pvck.c:235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buf, buf+start, len_a);
data/lvm2-2.03.10/tools/pvck.c:236:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buf+len_a, buf+512, len_b);
data/lvm2-2.03.10/tools/pvck.c:238:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buf, buf+start, new_len);
data/lvm2-2.03.10/tools/pvck.c:286:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc_line[MAX_DESC];
data/lvm2-2.03.10/tools/pvck.c:345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvck.c:368:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((def->fd = open(path, O_RDONLY)) < 0) {
data/lvm2-2.03.10/tools/pvck.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_LINE_CHECK];
data/lvm2-2.03.10/tools/pvck.c:404:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgname[NAME_LEN+1];
data/lvm2-2.03.10/tools/pvck.c:405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id_str[ID_STR_SIZE];
data/lvm2-2.03.10/tools/pvck.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id_first[ID_STR_SIZE];
data/lvm2-2.03.10/tools/pvck.c:424:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(tofile, "wx"))) {
data/lvm2-2.03.10/tools/pvck.c:508:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vgname, line, vgnamelen);
data/lvm2-2.03.10/tools/pvck.c:522:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id_str, line + 6, 38);
data/lvm2-2.03.10/tools/pvck.c:721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/lvm2-2.03.10/tools/pvck.c:863:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(tofile, "wx"))) {
data/lvm2-2.03.10/tools/pvck.c:983:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(tofile, "wx"))) {
data/lvm2-2.03.10/tools/pvck.c:1014:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/lvm2-2.03.10/tools/pvck.c:1015:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/lvm2-2.03.10/tools/pvck.c:1263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/lvm2-2.03.10/tools/pvck.c:1264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/lvm2-2.03.10/tools/pvck.c:1822:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&set->pvid, val, 32);
data/lvm2-2.03.10/tools/pvck.c:1848:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[64];
data/lvm2-2.03.10/tools/pvck.c:1849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[64];
data/lvm2-2.03.10/tools/pvck.c:1900:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/lvm2-2.03.10/tools/pvck.c:1992:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pvid_use, &pvid_cur, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:1998:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pvid_set, &set->pvid, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:1999:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pvid_use, &pvid_set, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:2007:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pvid_use, &pvid_set, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:2069:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pvid, &pvl->pv->id, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:2085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/lvm2-2.03.10/tools/pvck.c:2111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[256];
data/lvm2-2.03.10/tools/pvck.c:2217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head_buf[512];
data/lvm2-2.03.10/tools/pvck.c:2348:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pvid, &set->pvid, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:2415:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pvh->pv_uuid, &pvid, ID_LEN);
data/lvm2-2.03.10/tools/pvck.c:2501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buf[512];
data/lvm2-2.03.10/tools/pvck.c:2690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAX_META_LINE];
data/lvm2-2.03.10/tools/pvck.c:2691:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line2[MAX_META_LINE];
data/lvm2-2.03.10/tools/pvck.c:2721:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text_buf, line, len);
data/lvm2-2.03.10/tools/pvck.c:2759:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text_buf + text_pos, line2, len2);
data/lvm2-2.03.10/tools/pvck.c:2771:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text_buf + text_pos, back_buf, pre_len);
data/lvm2-2.03.10/tools/pvck.c:2811:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(input, O_RDONLY)) < 0) {
data/lvm2-2.03.10/tools/pvck.c:2856:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(tofile, "wx"))) {
data/lvm2-2.03.10/tools/pvck.c:2923:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mf->vgid_str, vgid + 6, 38);
data/lvm2-2.03.10/tools/pvck.c:2948:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(mf->filename, O_RDONLY)) < 0) {
data/lvm2-2.03.10/tools/pvmove.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sublv_name[NAME_LEN];
data/lvm2-2.03.10/tools/pvscan.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/pvscan.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PVID_FILE_SIZE];
data/lvm2-2.03.10/tools/pvscan.c:207:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDONLY);
data/lvm2-2.03.10/tools/pvscan.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_vgname[NAME_LEN];
data/lvm2-2.03.10/tools/pvscan.c:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:330:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PVID_FILE_SIZE];
data/lvm2-2.03.10/tools/pvscan.c:332:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_vgname[NAME_LEN];
data/lvm2-2.03.10/tools/pvscan.c:368:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_CREAT | O_EXCL | O_RDWR, S_IRUSR | S_IWUSR);
data/lvm2-2.03.10/tools/pvscan.c:431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:887:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_CREAT | O_EXCL | O_TRUNC | O_RDWR, S_IRUSR | S_IWUSR);
data/lvm2-2.03.10/tools/pvscan.c:935:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/lvm2-2.03.10/tools/pvscan.c:936:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_vgname[NAME_LEN];
data/lvm2-2.03.10/tools/pvscan.c:937:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuidstr[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/reporter.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char report_prefix[32];
data/lvm2-2.03.10/tools/toollib.c:84:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((null_fd = open(devnull, O_RDWR)) == -1) {
data/lvm2-2.03.10/tools/toollib.c:1306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[64];
data/lvm2-2.03.10/tools/toollib.c:1307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[64];
data/lvm2-2.03.10/tools/toollib.c:1867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:1988:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:2053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:2717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/lvm2-2.03.10/tools/toollib.c:2950:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:2951:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:3538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4079:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dummy_vg.id, vgid, ID_LEN);
data/lvm2-2.03.10/tools/toollib.c:4108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pv_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vg_uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/toollib.c:4726:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pvid[ID_LEN + 1];
data/lvm2-2.03.10/tools/vgcfgrestore.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vgname_buf[DM_NAME_LEN * 2];
data/lvm2-2.03.10/tools/vgchange.c:399:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvl->lv->lvid, &vg->id, sizeof(vg->id));
data/lvm2-2.03.10/tools/vgimportclone.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/vgimportclone.c:173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_pvl->pv->old_id, &new_pvl->pv->id, sizeof(new_pvl->pv->id));
data/lvm2-2.03.10/tools/vgimportclone.c:182:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lvl->lv->lvid, &vg->id, sizeof(vg->id));
data/lvm2-2.03.10/tools/vgimportclone.c:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_vgname[NAME_LEN] = { 0 };
data/lvm2-2.03.10/tools/vgimportclone.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_vgname[NAME_LEN] = { 0 };
data/lvm2-2.03.10/tools/vgmerge.c:119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/vgreduce.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[64] __attribute__((aligned(8)));
data/lvm2-2.03.10/tools/vgrename.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_path[PATH_MAX];
data/lvm2-2.03.10/tools/vgrename.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_path[PATH_MAX];
data/lvm2-2.03.10/base/data-struct/hash.c:199:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return dm_hash_lookup_binary(t, key, strlen(key) + 1);
data/lvm2-2.03.10/base/data-struct/hash.c:204:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return dm_hash_insert_binary(t, key, strlen(key) + 1, data);
data/lvm2-2.03.10/base/data-struct/hash.c:209:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dm_hash_remove_binary(t, key, strlen(key) + 1);
data/lvm2-2.03.10/base/data-struct/hash.c:240:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(key) + 1;
data/lvm2-2.03.10/base/data-struct/hash.c:273:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = _find_str_with_val(t, key, val, strlen(key) + 1, val_len);
data/lvm2-2.03.10/base/data-struct/hash.c:287:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = _find_str_with_val(t, key, val, strlen(key) + 1, val_len);
data/lvm2-2.03.10/base/data-struct/hash.c:313:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = strlen(key) + 1;
data/lvm2-2.03.10/daemons/cmirrord/clogd.c:229:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:234:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:413:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new->uuid, entry->name.value, entry->name.length);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:487:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int)strlen(cp->recovering_region) + 1;
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:506:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:535:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:564:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:591:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cp->recovering_region) + 1);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:594:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:624:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rq->u_rq.uuid, cp->uuid, CPG_MAX_NAME_LENGTH);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:656:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rq->u_rq.uuid, cp->uuid, CPG_MAX_NAME_LENGTH);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:668:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cp->recovering_region));
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:707:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:722:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:736:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:763:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:776:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:802:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1579:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1591:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1633:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = ((strlen(uuid) + 1) > CPG_MAX_NAME_LENGTH) ?
data/lvm2-2.03.10/daemons/cmirrord/cluster.c:1634:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CPG_MAX_NAME_LENGTH : (strlen(uuid) + 1);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:219:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(lc->disk_fd, lc->disk_buffer, lc->disk_size);
data/lvm2-2.03.10/daemons/cmirrord/functions.c:568:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rq->data) > rq->data_size) {
data/lvm2-2.03.10/daemons/cmirrord/functions.c:571:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(rq->data),
data/lvm2-2.03.10/daemons/cmirrord/functions.c:574:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rq->data, (int)strlen(rq->data));
data/lvm2-2.03.10/daemons/cmirrord/functions.c:593:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p) + 1;
data/lvm2-2.03.10/daemons/cmirrord/functions.c:594:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < argc; i++, p = p + strlen(p) + 1)
data/lvm2-2.03.10/daemons/cmirrord/functions.c:1755:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(outbuf + strlen(outbuf), " %.2X", (unsigned char)buf[i]);
data/lvm2-2.03.10/daemons/cmirrord/logging.h:21:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define SHORT_UUID(x) (strlen(x) > 8) ? ((x) + (strlen(x) - 8)) : (x)
data/lvm2-2.03.10/daemons/cmirrord/logging.h:21:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define SHORT_UUID(x) (strlen(x) > 8) ? ((x) + (strlen(x) - 8)) : (x)
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:526:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ((len = strlen(*src))) {
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:697:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(message_data->id);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:707:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffers[j]);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1062:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100); /* Avoid busy loop, wait without mutex */
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1503:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fifos->client, buf + bytes, size - bytes);
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:1690:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((msg.size = strlen(reg))) {
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:2081:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message += strlen(message) + 1;
data/lvm2-2.03.10/daemons/dmeventd/dmeventd.c:2118:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:252:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fifos->server, buf + bytes, size);
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:316:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fifos->server, drainbuf, sizeof(drainbuf));
data/lvm2-2.03.10/daemons/dmeventd/libdevmapper-event.c:717:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*src += strlen(ret) + 1;
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:247:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(line, "info=structs ", strlen("info=structs "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:250:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=client ", strlen("info=client "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:253:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=ls ", strlen("info=ls "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:256:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=ls_action ", strlen("info=ls_action "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:259:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=r ", strlen("info=r "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:269:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=lk ", strlen("info=lk "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:273:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(line, "info=r_action ", strlen("info=r_action "))) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockctl.c:378:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_addrlen = sizeof(sa_family_t) + strlen(dump_addr.sun_path+1) + 1;
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:786:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(version, args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:900:8: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(adopt_line, "VG: %63s %64s %16s %64s",
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2286:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name, R_NAME_GL, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2289:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name, R_NAME_VG, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2292:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name, act->lv_uuid, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2653:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(LOCK_RETRY_MS * 1000);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2771:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp_name+4, ls->name, sizeof(tmp_name)-4);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2835:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vg_name) + 4 > MAX_NAME) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2877:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->name, ls_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2884:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->vg_uuid, vg_uuid, 64);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2887:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->vg_name, vg_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2890:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->vg_args, vg_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:2903:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(r->name, R_NAME_VG, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:3388:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, ls->name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4319:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dump_addrlen = sizeof(sa_family_t) + strlen(dump_addr.sun_path+1) + 1;
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4347:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(RESEND_DELAY_US);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4696:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cl->name, cl_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4726:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_name, vg_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4729:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_uuid, vg_uuid, 64);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4732:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_sysid, vg_sysid, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4736:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->lv_name, str, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4740:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->lv_uuid, str, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4748:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_args, str, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:4752:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->lv_args, str, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5037:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(_dm_uuid, uuid, sizeof(_dm_uuid)-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5069:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0, j = 0; i < strlen(lv_lock_uuid); i++) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5140:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(namebuf, names->name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5406:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_name, ls->vg_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5497:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_name, ls->vg_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5498:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->lv_uuid, r->name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5499:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->lv_args, r->lv_args, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5525:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(act->vg_name, ls->vg_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-core.c:5836:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(restart_fds[0], wake, 1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:115:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, clustername, MAX_ARGS);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:149:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clustername) + strlen(lock_args_version) + 2 > MAX_ARGS) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:149:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clustername) + strlen(lock_args_version) + 2 > MAX_ARGS) {
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:300:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:397:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name), 0,
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:500:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:512:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:585:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:664:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r->name, strlen(r->name),
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:754:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(de->d_name, LVM_LS_PREFIX, strlen(LVM_LS_PREFIX)))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:764:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->name, de->d_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:765:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->vg_name, ls->name + strlen(LVM_LS_PREFIX), MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:765:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ls->vg_name, ls->name + strlen(LVM_LS_PREFIX), MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:801:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, act->path, strlen(act->path));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:801:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(path, act->path, strlen(act->path));
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:836:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = dlmc_run_start(command, strlen(command), 0,
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-dlm.c:862:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = dlmc_run_check(act->path, strlen(act->path), 0,
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:363:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(buf)) && buf[len - 1] == '\n')
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:366:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:537:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lock_lv_name) + strlen(lock_args_version) + 2 > MAX_ARGS)
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:537:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lock_lv_name) + strlen(lock_args_version) + 2 > MAX_ARGS)
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:547:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, ls_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:577:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ss.name, ls_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:610:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.name, gl_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:625:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.name, R_NAME_VG, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:640:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, ls_name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:659:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ls_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:728:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ls_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:803:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.name, lv_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:902:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ss.name, ls_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:927:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ss.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:952:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ss.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:986:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ss.name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1046:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd1.rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1047:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd1.rs.name, R_NAME_GL, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1049:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd2.rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1050:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd2.rs.name, R_NAME_GL_DISABLED, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1053:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd1.rs.disks[0].path, lms->ss.host_id_disk.path, SANLK_PATH_LEN-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1115:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1116:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.name, gl_name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1119:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.disks[0].path, lms->ss.host_id_disk.path, SANLK_PATH_LEN-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1136:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, ls->name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1156:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1161:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.disks[0].path, lms->ss.host_id_disk.path, SANLK_PATH_LEN-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1227:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1229:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rd.rs.disks[0].path, lms->ss.host_id_disk.path, SANLK_PATH_LEN-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1409:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lsname, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1414:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lms->ss.host_id_disk.path, disk_path, SANLK_PATH_LEN-1);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1418:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, lsname, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1492:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(gl_lsname_sanlock, lsname, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1581:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(lms->ss.name, "#unused", SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1609:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rds->rs.lockspace_name, ls->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:1610:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rds->rs.name, r->name, SANLK_NAME_LEN);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2225:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ss->name, LVM_LS_PREFIX, strlen(LVM_LS_PREFIX)))
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2233:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->name, ss->name, MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2234:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ls->vg_name, ss->name + strlen(LVM_LS_PREFIX), MAX_NAME);
data/lvm2-2.03.10/daemons/lvmlockd/lvmlockd-sanlock.c:2234:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ls->vg_name, ss->name + strlen(LVM_LS_PREFIX), MAX_NAME);
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-cmd-utils.c:114:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(*tmp, exclude, strlen(exclude)) && !add_to_cmd_arr(cmd_envp, *tmp, i))
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:29:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(vgname) + strlen(lvname) + 2; /* vg/lv and \0 */
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:29:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(vgname) + strlen(lvname) + 2; /* vg/lv and \0 */
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:49:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = sysdir ? strlen(sysdir) + 16 : 1;
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:67:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return lvmpolld_id ? (lvmpolld_id + (sysdir ? strlen(sysdir) : 0)) : NULL;
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:76:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(uuid) + (sysdir ? strlen(sysdir) : 0) + 1;
data/lvm2-2.03.10/daemons/lvmpolld/lvmpolld-data-utils.c:76:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(uuid) + (sysdir ? strlen(sysdir) : 0) + 1;
data/lvm2-2.03.10/device_mapper/datastruct/bitset.c:160:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:208:7: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(line, "%d %255s\n", &num, &nm[0]) == 2) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:299:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(DM_DEV_DIR_UMASK);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:301:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:310:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(DM_CONTROL_NODE_UMASK);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:316:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:475:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(string, 0, strlen(string));
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:832:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newuuid) >= DM_UUID_LEN) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:841:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(newuuid, "new UUID", strlen(newuuid), mangled_uuid,
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:974:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type) >= DM_MAX_TYPE_NAME) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1015:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(t->type) >= sizeof(sp.target_type)) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1023:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sp.target_type, t->type, sizeof(sp.target_type) - 1);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1032:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t->params) + backslash_count;
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1085:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, names->name, len);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1128:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(t->params) + 1 + ALIGNMENT;
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(dmt->newname) + 1;
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1174:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += sizeof(struct dm_target_msg) + strlen(dmt->message) + 1;
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1177:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(dmt->geometry) + 1;
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1235:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dmi->name, DEV_NAME(dmt), sizeof(dmi->name));
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1238:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dmi->uuid, DEV_UUID(dmt), sizeof(dmi->uuid));
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1580:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t2->params);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1753:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = unmangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0) {
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:1760:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(str, buf, strlen(buf) + 1);
data/lvm2-2.03.10/device_mapper/ioctl/libdm-iface.c:2053:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(DM_RETRY_USLEEP_DELAY);
data/lvm2-2.03.10/device_mapper/libdm-common.c:378:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, name, buf_len);
data/lvm2-2.03.10/device_mapper/libdm-common.c:571:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= DM_NAME_LEN) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:580:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(name, "name", strlen(name), mangled_name,
data/lvm2-2.03.10/device_mapper/libdm-common.c:634:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(path)) < 3 || path[0] == '/' ||
data/lvm2-2.03.10/device_mapper/libdm-common.c:690:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = mangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0)
data/lvm2-2.03.10/device_mapper/libdm-common.c:711:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = unmangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0)
data/lvm2-2.03.10/device_mapper/libdm-common.c:784:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newname) >= DM_NAME_LEN) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:798:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(newname, "new name", strlen(newname), mangled_name,
data/lvm2-2.03.10/device_mapper/libdm-common.c:837:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(uuid, "UUID", strlen(uuid), mangled_uuid,
data/lvm2-2.03.10/device_mapper/libdm-common.c:1072:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_mask = umask(0);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1077:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1081:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1243:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(fd, buf, sizeof(buf) - 1)) < 1) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1455:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pos += strlen(*ptr) + 1;
data/lvm2-2.03.10/device_mapper/libdm-common.c:1511:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_name) + strlen(old_name) + 2;
data/lvm2-2.03.10/device_mapper/libdm-common.c:1511:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_name) + strlen(old_name) + 2;
data/lvm2-2.03.10/device_mapper/libdm-common.c:1664:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src);
data/lvm2-2.03.10/device_mapper/libdm-common.c:1708:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uuid_prefix) > DM_MAX_UUID_PREFIX_LEN) {
data/lvm2-2.03.10/device_mapper/libdm-common.c:1857:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(temp_buf);
data/lvm2-2.03.10/device_mapper/libdm-common.c:2519:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &base_cookie, sizeof(base_cookie)) != sizeof(base_cookie)) {
data/lvm2-2.03.10/device_mapper/libdm-config.c:217:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_config_parse(cft, config_settings, config_settings + strlen(config_settings))) {
data/lvm2-2.03.10/device_mapper/libdm-config.c:374:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(escaped_key, "\"");
data/lvm2-2.03.10/device_mapper/libdm-config.c:602:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(str)) {
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:616:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:623:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(uuid_without_suffix, uuid, sizeof(uuid_without_suffix));
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:730:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/device_mapper/libdm-deptree.c:1124:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/device_mapper/libdm-file.c:174:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/device_mapper/libdm-file.c:193:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufferlen = strlen(buffer);
data/lvm2-2.03.10/device_mapper/libdm-report.c:475:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sort_value->items[1].len = strlen(sl->str);
data/lvm2-2.03.10/device_mapper/libdm-report.c:493:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delimiter_len = strlen(delimiter);
data/lvm2-2.03.10/device_mapper/libdm-report.c:500:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sl->str);
data/lvm2-2.03.10/device_mapper/libdm-report.c:518:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(arr[i].str);
data/lvm2-2.03.10/device_mapper/libdm-report.c:728:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fields[f].id) > id_len)
data/lvm2-2.03.10/device_mapper/libdm-report.c:729:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(fields[f].id);
data/lvm2-2.03.10/device_mapper/libdm-report.c:744:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fields[f].id) > id_len)
data/lvm2-2.03.10/device_mapper/libdm-report.c:745:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(fields[f].id);
data/lvm2-2.03.10/device_mapper/libdm-report.c:748:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type->prefix) + 3 > id_len)
data/lvm2-2.03.10/device_mapper/libdm-report.c:749:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(type->prefix) + 3;
data/lvm2-2.03.10/device_mapper/libdm-report.c:760:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_warn("%*.*s", (int) strlen(desc) + 7,
data/lvm2-2.03.10/device_mapper/libdm-report.c:761:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(desc) + 7,
data/lvm2-2.03.10/device_mapper/libdm-report.c:765:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (id_len - 3 - strlen(type->prefix)), "",
data/lvm2-2.03.10/device_mapper/libdm-report.c:901:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(prefix) - 1;
data/lvm2-2.03.10/device_mapper/libdm-report.c:923:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(field_canon);
data/lvm2-2.03.10/device_mapper/libdm-report.c:926:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(t->prefix) - 1;
data/lvm2-2.03.10/device_mapper/libdm-report.c:943:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(flen = strlen(rh->field_prefix)))
data/lvm2-2.03.10/device_mapper/libdm-report.c:1229:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!_get_canonical_field_name(rh->fields[i].id, strlen(rh->fields[i].id),
data/lvm2-2.03.10/device_mapper/libdm-report.c:1705:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) != val->items[i].len) ||
data/lvm2-2.03.10/device_mapper/libdm-report.c:1736:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) == val->items[i].len) &&
data/lvm2-2.03.10/device_mapper/libdm-report.c:1771:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) == val->items[i].len) &&
data/lvm2-2.03.10/device_mapper/libdm-report.c:2203:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t->string);
data/lvm2-2.03.10/device_mapper/libdm-report.c:2342:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(*name) == len) && !strncmp(*name, s, len))
data/lvm2-2.03.10/device_mapper/libdm-report.c:3703:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_all += strlen(*rvs) + 2;
data/lvm2-2.03.10/device_mapper/libdm-report.c:3715:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!dm_pool_grow_object(rh->mem, *rvs, strlen(*rvs))) {
data/lvm2-2.03.10/device_mapper/libdm-report.c:4252:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(field->report_string);
data/lvm2-2.03.10/device_mapper/libdm-report.c:4683:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_print("%*s", rh->group_item ? rh->group_item->group->indent + (int) strlen(line) : 0, line);
data/lvm2-2.03.10/device_mapper/libdm-report.c:4750:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_print("%*s", item->group->indent + (int) strlen(output), output);
data/lvm2-2.03.10/device_mapper/libdm-report.c:4792:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(report_name);
data/lvm2-2.03.10/device_mapper/libdm-string.c:380:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/device_mapper/libdm-string.c:380:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/device_mapper/libdm-string.c:380:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/device_mapper/mm/pool-debug.c:234:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delta = strlen(extra);
data/lvm2-2.03.10/device_mapper/mm/pool-fast.c:202:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delta = strlen(extra);
data/lvm2-2.03.10/device_mapper/mm/pool.c:51:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/lvm2-2.03.10/device_mapper/mm/pool.c:62:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(str);
data/lvm2-2.03.10/device_mapper/regex/matcher.c:350:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(patterns[i]) + 8;
data/lvm2-2.03.10/device_mapper/regex/parse_rx.c:666:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return rx_parse_tok(mem, str, str + strlen(str));
data/lvm2-2.03.10/device_mapper/vdo/status.c:204:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *e = input + strlen(input);
data/lvm2-2.03.10/lib/activate/activate.c:105:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(lv->vg->name);
data/lvm2-2.03.10/lib/activate/activate.c:869:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(OPEN_COUNT_CHECK_USLEEP_DELAY);
data/lvm2-2.03.10/lib/activate/activate.c:1999:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000 * i);
data/lvm2-2.03.10/lib/activate/dev_manager.c:656:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uuid) > (sizeof(UUID_PREFIX) + 2 * ID_LEN)) { /* 68 */
data/lvm2-2.03.10/lib/activate/dev_manager.c:833:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(old_style_dlid, dlid, sizeof(old_style_dlid));
data/lvm2-2.03.10/lib/activate/dev_manager.c:892:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(uuid = dm_task_get_uuid(dmt)) || strncasecmp(uuid, prefix, strlen(prefix)))
data/lvm2-2.03.10/lib/activate/dev_manager.c:989:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (type && !strncmp(type, target_type, strlen(target_type))) {
data/lvm2-2.03.10/lib/activate/dev_manager.c:1998:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/lib/activate/dev_manager.c:2259:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, sizeof(buf)) < (int)sizeof(buf)) {
data/lvm2-2.03.10/lib/activate/dev_manager.c:3615:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_tree_deactivate_children(root, dl->str, strlen(dl->str)))
data/lvm2-2.03.10/lib/activate/fs.c:55:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(DM_DEV_DIR_UMASK);
data/lvm2-2.03.10/lib/activate/fs.c:58:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/lib/activate/fs.c:62:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/lib/activate/fs.c:323:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pos += strlen(*ptr) + 1;
data/lvm2-2.03.10/lib/activate/fs.c:357:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir) + strlen(vg_name) + strlen(lv_name) +
data/lvm2-2.03.10/lib/activate/fs.c:357:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir) + strlen(vg_name) + strlen(lv_name) +
data/lvm2-2.03.10/lib/activate/fs.c:357:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir) + strlen(vg_name) + strlen(lv_name) +
data/lvm2-2.03.10/lib/activate/fs.c:358:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dev) + strlen(old_lv_name) + 5;
data/lvm2-2.03.10/lib/activate/fs.c:358:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dev) + strlen(old_lv_name) + 5;
data/lvm2-2.03.10/lib/cache/lvmcache.c:1962:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dev->pvid, pvid_s, sizeof(dev->pvid));
data/lvm2-2.03.10/lib/cache/lvmcache.c:2018:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->dev->pvid, pvid_s, sizeof(info->dev->pvid));
data/lvm2-2.03.10/lib/cache/lvmcache.c:2029:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)&vgsummary.vgid, vgid, sizeof(vgsummary.vgid));
data/lvm2-2.03.10/lib/cache/lvmcache.c:2034:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(info->dev->pvid, "");
data/lvm2-2.03.10/lib/cache/lvmcache.c:2460:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(vginfo->vgname);
data/lvm2-2.03.10/lib/cache/lvmcache.c:2465:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dev_name(info->dev));
data/lvm2-2.03.10/lib/cache/lvmcache.h:61:11: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
unsigned mismatch:1; /* lvmcache sets if this summary differs from previous values */
data/lvm2-2.03.10/lib/commands/toolcontext.c:61:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(system_id = dm_pool_zalloc(cmd->libmem, strlen(str) + 1))) {
data/lvm2-2.03.10/lib/commands/toolcontext.c:89:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!file || !strlen(file) || !file[0])
data/lvm2-2.03.10/lib/commands/toolcontext.c:232:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, sys_mnt, buf_size);
data/lvm2-2.03.10/lib/commands/toolcontext.c:580:19: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if ((old_umask = umask((mode_t) cmd->default_settings.umask)) !=
data/lvm2-2.03.10/lib/commands/toolcontext.c:580:56: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if ((old_umask = umask((mode_t) cmd->default_settings.umask)) !=
data/lvm2-2.03.10/lib/commands/toolcontext.c:581:37: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(mode_t) cmd->default_settings.umask)
data/lvm2-2.03.10/lib/commands/toolcontext.c:583:62: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask, cmd->default_settings.umask);
data/lvm2-2.03.10/lib/commands/toolcontext.c:1006:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len, udev_dir_len = strlen(DM_UDEV_DEV_DIR);
data/lvm2-2.03.10/lib/commands/toolcontext.c:1039:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cv->v.str);
data/lvm2-2.03.10/lib/commands/toolcontext.c:1655:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cmd->system_dir, system_dir, sizeof(cmd->system_dir) - 1);
data/lvm2-2.03.10/lib/commands/toolcontext.h:47:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t umask;
data/lvm2-2.03.10/lib/config/config.c:736:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p, p + 1, strlen(p));
data/lvm2-2.03.10/lib/config/config.c:1102:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(rp);
data/lvm2-2.03.10/lib/config/config.c:1103:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
valid = _config_def_check_tree(handle, vp, pvp + strlen(pvp),
data/lvm2-2.03.10/lib/config/config.c:1189:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rplen = strlen(rp);
data/lvm2-2.03.10/lib/config/config.c:1191:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vp, vp + strlen(vp),
data/lvm2-2.03.10/lib/config/config.c:1741:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (_copy_one_line(cfg_def->comment, commentline, &pos, strlen(cfg_def->comment))) {
data/lvm2-2.03.10/lib/config/config.c:1742:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((commentline[0] == '#') && (strlen(commentline) == 1)) {
data/lvm2-2.03.10/lib/config/config.c:1830:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_copy_one_line(cfg_def->comment, summary, &pos, strlen(cfg_def->comment));
data/lvm2-2.03.10/lib/datastruct/str_list.c:173:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t delim_len = strlen(delim);
data/lvm2-2.03.10/lib/datastruct/str_list.c:181:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(sl->str);
data/lvm2-2.03.10/lib/datastruct/str_list.c:194:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sl->str);
data/lvm2-2.03.10/lib/datastruct/str_list.c:210:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t delim_len = strlen(delim);
data/lvm2-2.03.10/lib/datastruct/str_list.c:224:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next = p2 = str + strlen(str);
data/lvm2-2.03.10/lib/device/bcache.c:529:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, (char *)data + pos, len - pos);
data/lvm2-2.03.10/lib/device/dev-cache.c:177:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
subpath_len = strlen(subpath);
data/lvm2-2.03.10/lib/device/dev-cache.c:201:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
devdir_len = strlen(_cache.dev_dir);
data/lvm2-2.03.10/lib/device/dev-cache.c:372:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(buf)) && buf[len - 1] == '\n')
data/lvm2-2.03.10/lib/device/dev-cache.c:517:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uuid_len = strlen(uuid);
data/lvm2-2.03.10/lib/device/dev-cache.c:847:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dir) + strlen(name) + 2;
data/lvm2-2.03.10/lib/device/dev-cache.c:847:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dir) + strlen(name) + 2;
data/lvm2-2.03.10/lib/device/dev-cache.c:1362:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(dl = _zalloc(sizeof(*dl) + strlen(path) + 1))) {
data/lvm2-2.03.10/lib/device/dev-md.c:53:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define IMSM_SIG_LEN (strlen(IMSM_SIGNATURE))
data/lvm2-2.03.10/lib/device/dev-type.c:214:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_len = strlen(_dev_known_types[j].name);
data/lvm2-2.03.10/lib/device/dev-type.c:215:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dev_len <= strlen(line + i) &&
data/lvm2-2.03.10/lib/device/dev-type.c:236:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_len = strlen(cv->v.str);
data/lvm2-2.03.10/lib/device/dev-type.c:255:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dev_len <= strlen(line + i) &&
data/lvm2-2.03.10/lib/device/dev-type.c:1136:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(UDEV_DEV_IS_COMPONENT_USLEEP);
data/lvm2-2.03.10/lib/display/display.c:949:12: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getchar()) == EOF) {
data/lvm2-2.03.10/lib/filters/filter-mpath.c:147:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, d->d_name, max_size);
data/lvm2-2.03.10/lib/filters/filter-regex.c:78:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = r + strlen(r) - 1;
data/lvm2-2.03.10/lib/format_text/archive.c:65:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/lvm2-2.03.10/lib/format_text/archive.c:111:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!dm_pool_grow_object(mem, dir, strlen(dir)) ||
data/lvm2-2.03.10/lib/format_text/archive.c:113:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!dm_pool_grow_object(mem, name, strlen(name)) ||
data/lvm2-2.03.10/lib/format_text/archiver.c:84:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line) + 32;
data/lvm2-2.03.10/lib/format_text/export.c:384:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(sl->str) + 4;
data/lvm2-2.03.10/lib/format_text/export.c:549:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pv_dev_name(pv)) >= PATH_MAX) {
data/lvm2-2.03.10/lib/format_text/export.c:691:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buf, "# ", buf_size);
data/lvm2-2.03.10/lib/format_text/export.c:831:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_size += strlen(user_glvl->glv->live->name) + 4;
data/lvm2-2.03.10/lib/format_text/format-text.c:363:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(vgnamebuf, vgname, len = strlen(vgname)) &&
data/lvm2-2.03.10/lib/format_text/format-text.c:1369:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(temp_dir, ".");
data/lvm2-2.03.10/lib/format_text/format-text.c:1468:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len + strlen(vg->name)) > (sizeof(new_name) - 1)) {
data/lvm2-2.03.10/lib/format_text/format-text.c:1473:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_name, tc->path_live, len);
data/lvm2-2.03.10/lib/format_text/format-text.c:2148:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((tmp = strstr(path, ".tmp")) && (tmp == path + strlen(path) - 4)) {
data/lvm2-2.03.10/lib/format_text/format-text.c:2162:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(tmp = dm_pool_alloc(mem, strlen(path) + 5)))
data/lvm2-2.03.10/lib/format_text/import_vsn1.c:875:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(origin_name, HISTORICAL_LV_PREFIX, strlen(HISTORICAL_LV_PREFIX))) {
data/lvm2-2.03.10/lib/format_text/import_vsn1.c:876:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(origin_glv = find_historical_glv(vg, origin_name + strlen(HISTORICAL_LV_PREFIX), 0, NULL))) {
data/lvm2-2.03.10/lib/format_text/text_label.c:512:19: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (vgsummary.mismatch) {
data/lvm2-2.03.10/lib/format_text/text_label.c:561:19: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (vgsummary.mismatch) {
data/lvm2-2.03.10/lib/integrity/integrity.c:77:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) > 7)
data/lvm2-2.03.10/lib/integrity/integrity.c:80:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(set->mode, mode, 7);
data/lvm2-2.03.10/lib/label/hints.c:615:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += (strlen(cv->v.str) + 1);
data/lvm2-2.03.10/lib/label/hints.c:696:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("hints_version:");
data/lvm2-2.03.10/lib/label/hints.c:712:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("global_filter:");
data/lvm2-2.03.10/lib/label/hints.c:725:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("filter:");
data/lvm2-2.03.10/lib/label/hints.c:738:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("scan_lvs:");
data/lvm2-2.03.10/lib/label/hints.c:750:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("devs_hash:");
data/lvm2-2.03.10/lib/label/hints.c:763:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen("scan:");
data/lvm2-2.03.10/lib/label/hints.c:786:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (vgname && (strlen(vgname) > 3) && (vgname[4] != '-'))
data/lvm2-2.03.10/lib/label/hints.c:822:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(devpath, dev_name(dev), PATH_MAX);
data/lvm2-2.03.10/lib/label/hints.c:823:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
calc_hash = calc_crc(calc_hash, (const uint8_t *)devpath, strlen(devpath));
data/lvm2-2.03.10/lib/label/hints.c:970:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(devpath, dev_name(dev), PATH_MAX);
data/lvm2-2.03.10/lib/label/hints.c:971:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = calc_crc(hash, (const uint8_t *)devpath, strlen(devpath));
data/lvm2-2.03.10/lib/label/label.c:56:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = sizeof(*li) + strlen(name) + 1;
data/lvm2-2.03.10/lib/label/label.c:434:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = labeller->ops->read(cmd, labeller, dev, label_buf, sector, &is_duplicate);
data/lvm2-2.03.10/lib/label/label.c:560:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(5000);
data/lvm2-2.03.10/lib/label/label.h:67:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int (*read) (struct cmd_context *cmd, struct labeller * l, struct device * dev,
data/lvm2-2.03.10/lib/locking/lvmlockd.c:781:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/lvm2-2.03.10/lib/locking/lvmlockd.c:898:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!vg->lock_args || !strlen(vg->lock_args)) {
data/lvm2-2.03.10/lib/locking/lvmlockd.c:952:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/lvm2-2.03.10/lib/log/log.c:558:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msglen = strlen(message);
data/lvm2-2.03.10/lib/metadata/cache_manip.c:529:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/lvm2-2.03.10/lib/metadata/lv.c:86:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list_item_len = strlen(name);
data/lvm2-2.03.10/lib/metadata/lv.c:105:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list_item_len += strlen(extent_str);
data/lvm2-2.03.10/lib/metadata/lv.c:991:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lv->vg->cmd->dev_dir) + strlen(lv->vg->name) +
data/lvm2-2.03.10/lib/metadata/lv.c:991:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lv->vg->cmd->dev_dir) + strlen(lv->vg->name) +
data/lvm2-2.03.10/lib/metadata/lv.c:992:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(lv->name) + 2;
data/lvm2-2.03.10/lib/metadata/lv.c:1022:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dm_dir()) + strlen(name) + 2;
data/lvm2-2.03.10/lib/metadata/lv.c:1022:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dm_dir()) + strlen(name) + 2;
data/lvm2-2.03.10/lib/metadata/lv_manip.c:2431:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_pool_grow_object(mem, pv_dev_name(pvl->pv), strlen(pv_dev_name(pvl->pv)))) {
data/lvm2-2.03.10/lib/metadata/lv_manip.c:3872:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
image_name[strlen(image_name) - 1] = '1';
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4551:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lv_name_old);
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4566:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lv_name_new) + strlen(suffix) + 1;
data/lvm2-2.03.10/lib/metadata/lv_manip.c:4566:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(lv_name_new) + strlen(suffix) + 1;
data/lvm2-2.03.10/lib/metadata/metadata.c:532:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(dev_dir);
data/lvm2-2.03.10/lib/metadata/metadata.c:535:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(vg_name_new) > NAME_LEN - length - 2) {
data/lvm2-2.03.10/lib/metadata/metadata.c:887:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir);
data/lvm2-2.03.10/lib/metadata/metadata.c:1206:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_pool_grow_object(mem, buf, strlen(buf))) {
data/lvm2-2.03.10/lib/metadata/metadata.c:2190:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(lock_args); i++) {
data/lvm2-2.03.10/lib/metadata/metadata.c:2264:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t vg_name_len = strlen(vg->name);
data/lvm2-2.03.10/lib/metadata/metadata.c:2373:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_name_len = strlen(lvl->lv->name) + vg_name_len + 3;
data/lvm2-2.03.10/lib/metadata/metadata.c:3455:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vgid, (const char *) vg->id.uuid, sizeof(vgid));
data/lvm2-2.03.10/lib/metadata/metadata.c:4350:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_pool_grow_object(mem, sl->str, strlen(sl->str)) ||
data/lvm2-2.03.10/lib/metadata/mirror.c:1584:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
lv_name = strncpy(tmp_name, lv->name, len);
data/lvm2-2.03.10/lib/metadata/raid_manip.c:367:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = (unsigned) strlen(rh);
data/lvm2-2.03.10/lib/metadata/raid_manip.c:416:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/lvm2-2.03.10/lib/metadata/raid_manip.c:2955:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (seg->area_count != strlen(dev_health)) {
data/lvm2-2.03.10/lib/metadata/raid_manip.c:4728:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(msg) + strlen(alias) + 2;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:4728:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(msg) + strlen(alias) + 2;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:5016:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen("rimage") + (suffix ? strlen(suffix) : 0) + 1;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:5016:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen("rimage") + (suffix ? strlen(suffix) : 0) + 1;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:6405:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(basic_fmt) + ((seg_from->segtype == *segtype_to) ? 0 : strlen(type_fmt)) + strlen(question_fmt) + 1;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:6405:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(basic_fmt) + ((seg_from->segtype == *segtype_to) ? 0 : strlen(type_fmt)) + strlen(question_fmt) + 1;
data/lvm2-2.03.10/lib/metadata/raid_manip.c:6405:97: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(basic_fmt) + ((seg_from->segtype == *segtype_to) ? 0 : strlen(type_fmt)) + strlen(question_fmt) + 1;
data/lvm2-2.03.10/lib/metadata/vdo_manip.c:146:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((size = read(fd, temp, sizeof(temp) - 1)) < 0) {
data/lvm2-2.03.10/lib/metadata/writecache_manip.c:411:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf) + 1;
data/lvm2-2.03.10/lib/misc/lvm-file.c:175:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = dir + strlen(dir);
data/lvm2-2.03.10/lib/misc/lvm-flock.c:162:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *file_aux = alloca(strlen(file) + sizeof(AUX_LOCK_SUFFIX));
data/lvm2-2.03.10/lib/misc/lvm-string.c:147:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(lvname, _prefixes[i], strlen(_prefixes[i])))
data/lvm2-2.03.10/lib/misc/lvm-wrappers.c:113:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, len) != (ssize_t) len) {
data/lvm2-2.03.10/lib/mm/memlock.c:358:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!(n = read(_maps_fd, _maps_buffer + len, _maps_len - len)))
data/lvm2-2.03.10/lib/report/report.c:562:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reg_len = strlen(_time_reg[i].name);
data/lvm2-2.03.10/lib/report/report.c:1489:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len = strlen(key) + strlen(value) + 2;
data/lvm2-2.03.10/lib/report/report.c:1489:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len = strlen(key) + strlen(value) + 2;
data/lvm2-2.03.10/lib/report/report.c:1756:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_lvname) + strlen(HISTORICAL_LV_PREFIX) + 1;
data/lvm2-2.03.10/lib/report/report.c:1756:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_lvname) + strlen(HISTORICAL_LV_PREFIX) + 1;
data/lvm2-2.03.10/lib/report/report.c:1759:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp_lvname) + 3;
data/lvm2-2.03.10/lib/report/report.c:2011:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[NAME_LEN + strlen(HISTORICAL_LV_PREFIX) + 1];
data/lvm2-2.03.10/libdaemon/client/config-util.c:169:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_config_parse_without_dup_node_check(cft, config_settings, config_settings + strlen(config_settings))) {
data/lvm2-2.03.10/libdaemon/client/config-util.c:380:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/lvm2-2.03.10/libdaemon/client/daemon-io.c:36:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, buffer->mem + buffer->used, buffer->allocated - buffer->used);
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:161:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(path);
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:238:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_mask = umask(0077);
data/lvm2-2.03.10/libdaemon/server/daemon-server.c:305:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/libdm/datastruct/bitset.c:159:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/lvm2-2.03.10/libdm/datastruct/hash.c:197:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return dm_hash_lookup_binary(t, key, strlen(key) + 1);
data/lvm2-2.03.10/libdm/datastruct/hash.c:202:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return dm_hash_insert_binary(t, key, strlen(key) + 1, data);
data/lvm2-2.03.10/libdm/datastruct/hash.c:207:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dm_hash_remove_binary(t, key, strlen(key) + 1);
data/lvm2-2.03.10/libdm/datastruct/hash.c:238:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(key) + 1;
data/lvm2-2.03.10/libdm/datastruct/hash.c:271:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = _find_str_with_val(t, key, val, strlen(key) + 1, val_len);
data/lvm2-2.03.10/libdm/datastruct/hash.c:285:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = _find_str_with_val(t, key, val, strlen(key) + 1, val_len);
data/lvm2-2.03.10/libdm/datastruct/hash.c:311:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = strlen(key) + 1;
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:252:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep((useconds_t) usecs);
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:303:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!argv[0] || !strlen(argv[0])) {
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:323:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!argv[0] || !strlen(argv[0])) {
data/lvm2-2.03.10/libdm/dm-tools/dmfilemapd.c:479:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(fm->inotify_fd, (void *) &buf, sizeof(buf));
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:334:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (ptr = buffer + strlen(buffer) - 1; ptr >= buffer; ptr--)
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:636:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read(_timer_fd, &expired, sizeof(expired));
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:724:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if (usleep(this_interval / NSEC_PER_USEC)) {
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1232:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(STDIN_FILENO, pos, (size_t) bufsize - total - 1);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1533:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += strlen(argv[i]) + 1;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1542:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, " ");
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1566:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!*response || response[strlen(response) - 1] == '\n')
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1754:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir), udev_dir_len = strlen(DM_UDEV_DEV_DIR);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1754:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_dir), udev_dir_len = strlen(DM_UDEV_DEV_DIR);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1849:12: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getchar()) == EOF) {
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1960:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
otime_str[strlen(otimes)-1] = '\0';
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:1962:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctime_str[strlen(ctimes)-1] = '\0';
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:2385:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c += strlen(name);
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:3375:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_pool_grow_object(mem, buf, strlen(buf) + 1)) {
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4805:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(options) + strlen(opt_fields) + 2;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:4805:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(options) + strlen(opt_fields) + 2;
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5143:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define max_int_strlen(i) (strlen(#i))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5428:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id) && !_switches[FORCE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5451:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5547:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& !strlen(_string_args[PROGRAM_ID_ARG]) && !_switches[FORCE_ARG]) {
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5603:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id) && !_switches[FORCE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:5631:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6048:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id) && !_switches[FORCE_ARG])
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6064:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(program_id))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6570:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(device, dev_dir, strlen(dev_dir)))
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6575:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dev_dir[strlen(dev_dir) - 1] != '/' &&
data/lvm2-2.03.10/libdm/dm-tools/dmsetup.c:6576:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device[strlen(dev_dir)] != '/')
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:207:7: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(line, "%d %255s\n", &num, &nm[0]) == 2) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:298:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(DM_DEV_DIR_UMASK);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:300:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:309:14: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(DM_CONTROL_NODE_UMASK);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:315:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_umask);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:474:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(string, 0, strlen(string));
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:840:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newuuid) >= DM_UUID_LEN) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:849:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(newuuid, "new UUID", strlen(newuuid), mangled_uuid,
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:982:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type) >= DM_MAX_TYPE_NAME) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1023:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(t->type) >= sizeof(sp.target_type)) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1031:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sp.target_type, t->type, sizeof(sp.target_type) - 1);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1040:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t->params) + backslash_count;
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1093:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, names->name, len);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1136:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(t->params) + 1 + ALIGNMENT;
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1179:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(dmt->newname) + 1;
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1182:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += sizeof(struct dm_target_msg) + strlen(dmt->message) + 1;
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1185:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(dmt->geometry) + 1;
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1247:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dmi->name, DEV_NAME(dmt), sizeof(dmi->name));
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1250:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dmi->uuid, DEV_UUID(dmt), sizeof(dmi->uuid));
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1598:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t2->params);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1753:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = unmangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0) {
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:1760:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(str, buf, strlen(buf) + 1);
data/lvm2-2.03.10/libdm/ioctl/libdm-iface.c:2055:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(DM_RETRY_USLEEP_DELAY);
data/lvm2-2.03.10/libdm/libdm-common.c:376:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, name, buf_len);
data/lvm2-2.03.10/libdm/libdm-common.c:569:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= DM_NAME_LEN) {
data/lvm2-2.03.10/libdm/libdm-common.c:578:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(name, "name", strlen(name), mangled_name,
data/lvm2-2.03.10/libdm/libdm-common.c:632:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen(path)) < 3 || path[0] == '/' ||
data/lvm2-2.03.10/libdm/libdm-common.c:688:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((r = mangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0)
data/lvm2-2.03.10/libdm/libdm-common.c:709:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = unmangle_string(str, str_name, strlen(str), buf, buf_size, mode)) < 0)
data/lvm2-2.03.10/libdm/libdm-common.c:782:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newname) >= DM_NAME_LEN) {
data/lvm2-2.03.10/libdm/libdm-common.c:796:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(newname, "new name", strlen(newname), mangled_name,
data/lvm2-2.03.10/libdm/libdm-common.c:835:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(r = mangle_string(uuid, "UUID", strlen(uuid), mangled_uuid,
data/lvm2-2.03.10/libdm/libdm-common.c:1070:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_mask = umask(0);
data/lvm2-2.03.10/libdm/libdm-common.c:1075:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/libdm/libdm-common.c:1079:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/libdm/libdm-common.c:1241:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(fd, buf, sizeof(buf) - 1)) < 1) {
data/lvm2-2.03.10/libdm/libdm-common.c:1453:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pos += strlen(*ptr) + 1;
data/lvm2-2.03.10/libdm/libdm-common.c:1509:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_name) + strlen(old_name) + 2;
data/lvm2-2.03.10/libdm/libdm-common.c:1509:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev_name) + strlen(old_name) + 2;
data/lvm2-2.03.10/libdm/libdm-common.c:1662:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src);
data/lvm2-2.03.10/libdm/libdm-common.c:1706:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uuid_prefix) > DM_MAX_UUID_PREFIX_LEN) {
data/lvm2-2.03.10/libdm/libdm-common.c:1855:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(temp_buf);
data/lvm2-2.03.10/libdm/libdm-common.c:2518:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, &base_cookie, sizeof(base_cookie)) != sizeof(base_cookie)) {
data/lvm2-2.03.10/libdm/libdm-config.c:217:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_config_parse(cft, config_settings, config_settings + strlen(config_settings))) {
data/lvm2-2.03.10/libdm/libdm-config.c:374:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(escaped_key, "\"");
data/lvm2-2.03.10/libdm/libdm-config.c:602:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(str)) {
data/lvm2-2.03.10/libdm/libdm-deptree.c:578:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/libdm/libdm-deptree.c:585:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(uuid_without_suffix, uuid, sizeof(uuid_without_suffix));
data/lvm2-2.03.10/libdm/libdm-deptree.c:692:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/libdm/libdm-deptree.c:1086:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
default_uuid_prefix_len = strlen(default_uuid_prefix);
data/lvm2-2.03.10/libdm/libdm-file.c:173:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/lvm2-2.03.10/libdm/libdm-file.c:192:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufferlen = strlen(buffer);
data/lvm2-2.03.10/libdm/libdm-report.c:474:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sort_value->items[1].len = strlen(sl->str);
data/lvm2-2.03.10/libdm/libdm-report.c:492:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delimiter_len = strlen(delimiter);
data/lvm2-2.03.10/libdm/libdm-report.c:499:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sl->str);
data/lvm2-2.03.10/libdm/libdm-report.c:517:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(arr[i].str);
data/lvm2-2.03.10/libdm/libdm-report.c:727:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fields[f].id) > id_len)
data/lvm2-2.03.10/libdm/libdm-report.c:728:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(fields[f].id);
data/lvm2-2.03.10/libdm/libdm-report.c:743:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fields[f].id) > id_len)
data/lvm2-2.03.10/libdm/libdm-report.c:744:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(fields[f].id);
data/lvm2-2.03.10/libdm/libdm-report.c:747:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(type->prefix) + 3 > id_len)
data/lvm2-2.03.10/libdm/libdm-report.c:748:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
id_len = strlen(type->prefix) + 3;
data/lvm2-2.03.10/libdm/libdm-report.c:760:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_warn("%*.*s", (int) strlen(desc) + 7,
data/lvm2-2.03.10/libdm/libdm-report.c:761:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(desc) + 7,
data/lvm2-2.03.10/libdm/libdm-report.c:765:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) (id_len - 3 - strlen(type->prefix)), "",
data/lvm2-2.03.10/libdm/libdm-report.c:901:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(prefix) - 1;
data/lvm2-2.03.10/libdm/libdm-report.c:923:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(field_canon);
data/lvm2-2.03.10/libdm/libdm-report.c:926:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(t->prefix) - 1;
data/lvm2-2.03.10/libdm/libdm-report.c:943:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(flen = strlen(rh->field_prefix)))
data/lvm2-2.03.10/libdm/libdm-report.c:1229:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!_get_canonical_field_name(rh->fields[i].id, strlen(rh->fields[i].id),
data/lvm2-2.03.10/libdm/libdm-report.c:1705:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) != val->items[i].len) ||
data/lvm2-2.03.10/libdm/libdm-report.c:1736:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) == val->items[i].len) &&
data/lvm2-2.03.10/libdm/libdm-report.c:1771:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(sel_item->str) == val->items[i].len) &&
data/lvm2-2.03.10/libdm/libdm-report.c:2203:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(t->string);
data/lvm2-2.03.10/libdm/libdm-report.c:2342:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(*name) == len) && !strncmp(*name, s, len))
data/lvm2-2.03.10/libdm/libdm-report.c:3703:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_all += strlen(*rvs) + 2;
data/lvm2-2.03.10/libdm/libdm-report.c:3715:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!dm_pool_grow_object(rh->mem, *rvs, strlen(*rvs))) {
data/lvm2-2.03.10/libdm/libdm-report.c:4252:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(field->report_string);
data/lvm2-2.03.10/libdm/libdm-report.c:4683:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_print("%*s", rh->group_item ? rh->group_item->group->indent + (int) strlen(line) : 0, line);
data/lvm2-2.03.10/libdm/libdm-report.c:4750:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_print("%*s", item->group->indent + (int) strlen(output), output);
data/lvm2-2.03.10/libdm/libdm-report.c:4792:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(report_name);
data/lvm2-2.03.10/libdm/libdm-stats.c:201:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!program_id || !strlen(program_id))
data/lvm2-2.03.10/libdm/libdm-stats.c:716:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
alias = c + strlen(DMS_GROUP_TAG);
data/lvm2-2.03.10/libdm/libdm-stats.c:741:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = c + strlen(c);
data/lvm2-2.03.10/libdm/libdm-stats.c:760:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(alias)) {
data/lvm2-2.03.10/libdm/libdm-stats.c:769:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(end) > 1) || strncmp(end, "-", 1))
data/lvm2-2.03.10/libdm/libdm-stats.c:953:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aux_data[strlen(aux_data) - 1] = '\0';
data/lvm2-2.03.10/libdm/libdm-stats.c:1002:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(resp)) {
data/lvm2-2.03.10/libdm/libdm-stats.c:1013:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(list_rows = fmemopen((char *)resp, strlen(resp), "r")))
data/lvm2-2.03.10/libdm/libdm-stats.c:1245:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stats_rows = fmemopen((char *)resp, strlen(resp), "r");
data/lvm2-2.03.10/libdm/libdm-stats.c:1845:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen += 1 + (alias ? strlen(alias) : 0); /* 'alias:' */
data/lvm2-2.03.10/libdm/libdm-stats.c:1902:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(aux_data)) ? aux_data : "-") < 0) {
data/lvm2-2.03.10/libdm/libdm-stats.c:1941:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!program_id || !strlen(program_id))
data/lvm2-2.03.10/libdm/libdm-stats.c:1968:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(hist_arg)) ? HISTOGRAM_ARG : "",
data/lvm2-2.03.10/libdm/libdm-stats.c:2990:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!allow_empty && (!program_id || !strlen(program_id))) {
data/lvm2-2.03.10/libdm/libdm-string.c:380:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/libdm/libdm-string.c:380:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/libdm/libdm-string.c:380:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(uuid_prefix) + strlen(lvid) + strlen(layer) + 2;
data/lvm2-2.03.10/libdm/mm/dbg_malloc.c:51:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ret = dm_malloc_aux_debug(strlen(str) + 1, file, line)))
data/lvm2-2.03.10/libdm/mm/pool-debug.c:234:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delta = strlen(extra);
data/lvm2-2.03.10/libdm/mm/pool-fast.c:201:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delta = strlen(extra);
data/lvm2-2.03.10/libdm/mm/pool.c:51:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/lvm2-2.03.10/libdm/mm/pool.c:62:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(str);
data/lvm2-2.03.10/libdm/regex/matcher.c:350:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(patterns[i]) + 8;
data/lvm2-2.03.10/libdm/regex/parse_rx.c:666:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return rx_parse_tok(mem, str, str + strlen(str));
data/lvm2-2.03.10/scripts/generator-internals.c:125:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(prefix);
data/lvm2-2.03.10/scripts/generator-internals.c:127:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) < len)
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:212:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_mask = umask(0022);
data/lvm2-2.03.10/scripts/lvm2_activation_generator_systemd_red_hat.c:217:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/lvm2-2.03.10/test/lib/brick-shelltest.h:290:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read( std::string n ) {
data/lvm2-2.03.10/test/lib/brick-shelltest.h:297:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read() { read( location ); }
data/lvm2-2.03.10/test/lib/brick-shelltest.h:297:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read() { read( location ); }
data/lvm2-2.03.10/test/lib/brick-shelltest.h:485:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (sz = read(fd, buf, sizeof(buf) - 1)) > 0 )
data/lvm2-2.03.10/test/lib/brick-shelltest.h:498:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/lvm2-2.03.10/test/lib/brick-shelltest.h:584:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (sz = ::read(fd, buf, buffer_size)) > 0 )
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1047:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
journal.read();
data/lvm2-2.03.10/test/lib/brick-shelltest.h:1143:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( v ) == 0 || !strcmp( v, "0" ) )
data/lvm2-2.03.10/test/lib/harness.c:101:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next = from + strlen(from);
data/lvm2-2.03.10/test/lib/harness.c:120:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = line + strlen(line);
data/lvm2-2.03.10/test/lib/harness.c:136:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a += strlen(subst[idx].value);
data/lvm2-2.03.10/test/lib/harness.c:138:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} while (b < line + strlen(line));
data/lvm2-2.03.10/test/lib/harness.c:242:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((sz = read(fd, buf, sizeof(buf) - 1)) > 0) {
data/lvm2-2.03.10/test/lib/harness.c:400:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *c = outpath + strlen(results) + 1;
data/lvm2-2.03.10/test/unit/string_t.c:50:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
T_ASSERT_EQUAL(strlen(buf) + 1, sizeof(buf) - 1);
data/lvm2-2.03.10/tools/command.c:352:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(name, val_names[i].name, strlen(val_names[i].name)))
data/lvm2-2.03.10/tools/command.c:782:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(old_line) + strlen(new_line) + 2;
data/lvm2-2.03.10/tools/command.c:782:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(old_line) + strlen(new_line) + 2;
data/lvm2-2.03.10/tools/command.c:1483:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newlen = strlen(cmd->desc) + strlen(desc) + 2;
data/lvm2-2.03.10/tools/command.c:1483:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int newlen = strlen(cmd->desc) + strlen(desc) + 2;
data/lvm2-2.03.10/tools/command.c:1696:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (di = 0; di < strlen(desc); di++) {
data/lvm2-2.03.10/tools/command.c:2997:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (di = 0; di < strlen(desc); di++) {
data/lvm2-2.03.10/tools/command.c:3031:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(buf + 1, cname->name, strlen(cname->name))) {
data/lvm2-2.03.10/tools/command.c:3312:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (di = 0; di < strlen(desc); di++) {
data/lvm2-2.03.10/tools/command.c:3386:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((sz = read(fd, buf, statbuf.st_size)) < 0) {
data/lvm2-2.03.10/tools/lvchange.c:882:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str_len = strlen(tmp_str);
data/lvm2-2.03.10/tools/lvchange.c:896:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pv_names[i][strlen(pv_names[i]) - 2] = '\0';
data/lvm2-2.03.10/tools/lvchange.c:914:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pv_names[i][strlen(pv_names[i]) + 1] == 'y')
data/lvm2-2.03.10/tools/lvchange.c:917:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (pv_names[i][strlen(pv_names[i]) + 1] == 'n')
data/lvm2-2.03.10/tools/lvchange.c:920:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (pv_names[i][strlen(pv_names[i]) + 1] == 't')
data/lvm2-2.03.10/tools/lvconvert.c:1177:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(raidlv_name, lv->name, len);
data/lvm2-2.03.10/tools/lvconvert.c:4146:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lvname2_orig) + 2;
data/lvm2-2.03.10/tools/lvconvert.c:4146:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lvname2_orig) + 2;
data/lvm2-2.03.10/tools/lvm.c:41:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/lvm2-2.03.10/tools/lvm.c:65:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/lvm2-2.03.10/tools/lvmcmdline.c:626:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(suffixes) - 1; i >= 0; i--)
data/lvm2-2.03.10/tools/lvmcmdline.c:2623:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_pool_grow_object(cmd->mem, argv[i], strlen(argv[i])))
data/lvm2-2.03.10/tools/lvmcmdline.c:3316:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n = read(fd, _proc_cmdline, sizeof(_proc_cmdline) - 1)) < 0) {
data/lvm2-2.03.10/tools/lvmcmdline.c:3496:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buffer) == sizeof(buffer) - 1)
data/lvm2-2.03.10/tools/lvmdiskscan.c:44:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(dev_name(dev));
data/lvm2-2.03.10/tools/lvmdiskscan.c:55:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int c = dev_name(dev)[strlen(dev_name(dev)) - 1];
data/lvm2-2.03.10/tools/lvrename.c:161:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(lv_name_old, HISTORICAL_LV_PREFIX, strlen(HISTORICAL_LV_PREFIX))) {
data/lvm2-2.03.10/tools/lvrename.c:162:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lv_name_old = lv_name_old + strlen(HISTORICAL_LV_PREFIX);
data/lvm2-2.03.10/tools/lvrename.c:166:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(lv_name_new, HISTORICAL_LV_PREFIX, strlen(HISTORICAL_LV_PREFIX))) {
data/lvm2-2.03.10/tools/lvrename.c:168:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lv_name_new = lv_name_old + strlen(HISTORICAL_LV_PREFIX);
data/lvm2-2.03.10/tools/lvrename.c:177:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = NAME_LEN - strlen(vg_name) - 3;
data/lvm2-2.03.10/tools/lvrename.c:178:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lv_name_new) > maxlen) {
data/lvm2-2.03.10/tools/pvck.c:388:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(def->fd, data, len);
data/lvm2-2.03.10/tools/pvck.c:1758:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "metadata_offset", strlen("metadata_offset"))) {
data/lvm2-2.03.10/tools/pvck.c:1765:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "seqno", strlen("seqno"))) {
data/lvm2-2.03.10/tools/pvck.c:1772:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "backup_file", strlen("backup_file"))) {
data/lvm2-2.03.10/tools/pvck.c:1778:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "mda_offset", strlen("mda_offset"))) {
data/lvm2-2.03.10/tools/pvck.c:1785:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "mda_size", strlen("mda_size"))) {
data/lvm2-2.03.10/tools/pvck.c:1792:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "mda2_offset", strlen("mda2_offset"))) {
data/lvm2-2.03.10/tools/pvck.c:1799:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "mda2_size", strlen("mda2_size"))) {
data/lvm2-2.03.10/tools/pvck.c:1806:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "device_size", strlen("device_size"))) {
data/lvm2-2.03.10/tools/pvck.c:1813:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "data_offset", strlen("data_offset"))) {
data/lvm2-2.03.10/tools/pvck.c:1820:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "pv_uuid", strlen("pv_uuid"))) {
data/lvm2-2.03.10/tools/pvck.c:1821:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(val, '-') && (strlen(val) == 32)) {
data/lvm2-2.03.10/tools/pvck.c:1834:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "mda_num", strlen("mda_num"))) {
data/lvm2-2.03.10/tools/pvck.c:1867:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (pos < strlen(str)) {
data/lvm2-2.03.10/tools/pvck.c:1873:8: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(str + pos, " %63[^=]=%63s %n", key, val, &num) != 2) {
data/lvm2-2.03.10/tools/pvck.c:2829:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, back_buf, back_size);
data/lvm2-2.03.10/tools/pvck.c:2966:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, text_buf, text_size);
data/lvm2-2.03.10/tools/pvmove.c:78:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(vgname, lvname, strlen(vgname)) ||
data/lvm2-2.03.10/tools/pvmove.c:79:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(lvname += strlen(vgname), *lvname != '/')) {
data/lvm2-2.03.10/tools/pvscan.c:215:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(fd, buf, sizeof(buf));
data/lvm2-2.03.10/tools/pvscan.c:230:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vgname, name, NAME_LEN);
data/lvm2-2.03.10/tools/reporter.c:911:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(args->single_args[idx].report_prefix), sl->str);
data/lvm2-2.03.10/tools/reporter.c:1036:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(report_prefix);
data/lvm2-2.03.10/tools/toollib.c:103:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(*cmd->argv, "(lvm2)", strlen(*cmd->argv));
data/lvm2-2.03.10/tools/toollib.c:103:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(*cmd->argv, "(lvm2)", strlen(*cmd->argv));
data/lvm2-2.03.10/tools/toollib.c:122:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t devdir_len = strlen(cmd->dev_dir);
data/lvm2-2.03.10/tools/toollib.c:124:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dmdir_len = strlen(dmdir), vglv_sz;
data/lvm2-2.03.10/tools/toollib.c:155:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:155:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:1153:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!dm_config_parse_without_dup_node_check(current, str, str + strlen(str)))
data/lvm2-2.03.10/tools/toollib.c:1191:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "block_size", strlen("block_size"))) {
data/lvm2-2.03.10/tools/toollib.c:1204:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "high_watermark", strlen("high_watermark"))) {
data/lvm2-2.03.10/tools/toollib.c:1213:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "low_watermark", strlen("low_watermark"))) {
data/lvm2-2.03.10/tools/toollib.c:1222:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "writeback_jobs", strlen("writeback_jobs"))) {
data/lvm2-2.03.10/tools/toollib.c:1229:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "autocommit_blocks", strlen("autocommit_blocks"))) {
data/lvm2-2.03.10/tools/toollib.c:1236:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "autocommit_time", strlen("autocommit_time"))) {
data/lvm2-2.03.10/tools/toollib.c:1243:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "fua", strlen("fua"))) {
data/lvm2-2.03.10/tools/toollib.c:1254:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "nofua", strlen("nofua"))) {
data/lvm2-2.03.10/tools/toollib.c:1265:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "cleaner", strlen("cleaner"))) {
data/lvm2-2.03.10/tools/toollib.c:1272:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(key, "max_age", strlen("max_age"))) {
data/lvm2-2.03.10/tools/toollib.c:1325:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (pos < strlen(str)) {
data/lvm2-2.03.10/tools/toollib.c:1331:8: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(str + pos, " %63[^=]=%63s %n", key, val, &num) != 2) {
data/lvm2-2.03.10/tools/toollib.c:2267:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefix_len = strlen(prefix);
data/lvm2-2.03.10/tools/toollib.c:3298:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(one_vgname) + strlen(one_lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:3298:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(one_vgname) + strlen(one_lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:3374:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lv_name) + 2;
data/lvm2-2.03.10/tools/toollib.c:3374:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(vgname) + strlen(lv_name) + 2;
data/lvm2-2.03.10/tools/toollib.c:3513:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(use_vgname) + strlen(pos_lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:3513:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vglv_sz = strlen(use_vgname) + strlen(pos_lvname) + 2;
data/lvm2-2.03.10/tools/toollib.c:3596:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (lvn && !strncmp(vgn, vg_name, strlen(vg_name)) &&
data/lvm2-2.03.10/tools/toollib.c:3597:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(vg_name) == (size_t) (lvn - vgn)) {
data/lvm2-2.03.10/tools/toollib.c:3859:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dil->pvid, dil->dev->pvid, ID_LEN);
data/lvm2-2.03.10/tools/toollib.c:3893:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dil->pvid, hint->pvid, ID_LEN);
data/lvm2-2.03.10/tools/toollib.c:3913:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dil->pvid, dev->pvid, ID_LEN);
data/lvm2-2.03.10/tools/toollib.c:4929:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pd->pvid, pv->dev->pvid, ID_LEN);
data/lvm2-2.03.10/tools/toollib.c:5157:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pd->pvid, pv->dev->pvid, ID_LEN);
ANALYSIS SUMMARY:
Hits = 2048
Lines analyzed = 239569 in approximately 6.07 seconds (39476 lines/second)
Physical Source Lines of Code (SLOC) = 166057
Hits@level = [0] 865 [1] 657 [2] 1100 [3] 73 [4] 209 [5] 9
Hits@level+ = [0+] 2913 [1+] 2048 [2+] 1391 [3+] 291 [4+] 218 [5+] 9
Hits/KSLOC@level+ = [0+] 17.5422 [1+] 12.3331 [2+] 8.37664 [3+] 1.75241 [4+] 1.3128 [5+] 0.0541983
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.