Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nfs-ganesha-3.3/coverity/ganesha_model.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/ds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/internal.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/mds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/statx_compat.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/statx_compat.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/ds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/file.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_convert.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_create.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_ds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_fileop.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_lock.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_lookup.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_mds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_rename.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_stats_gpfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_symlinks.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_unlink.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_up.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/gpfs_methods.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/gpfsext.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs_nfs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/context_wrap.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/context_wrap.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/ds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/fileinfo_cache.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/lzfs_acl.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/lzfs_internal.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/lzfs_internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_int.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_up.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/test_handle_mapping.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/test_handle_mapping_db.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/pxy_fsal_methods.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/xattrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/pseudofs_methods.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/internal.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/internal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/up.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/empty_check_hsm.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/file.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle_syscalls.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/freebsd/handle_syscalls.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/attrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/attrs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/mds.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/mds.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_int.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_pnfs_ioctl.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_um_pnfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_um_pnfs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/subfsal_panfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/state.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/attrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/attrs.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/llapi_check_hsm.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/subfsal_vfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs_methods.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.h
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/subfsal_xfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_debug.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_export.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_ext.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_file.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_hash.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_hash.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_int.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_lru.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_lru.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_main.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_read_conf.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_up.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_xattrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/export.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/file.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/handle.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/main.c
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/nullfs_methods.h
Examining data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/xattrs.c
Examining data/nfs-ganesha-3.3/src/FSAL/access_check.c
Examining data/nfs-ganesha-3.3/src/FSAL/common_pnfs.c
Examining data/nfs-ganesha-3.3/src/FSAL/commonlib.c
Examining data/nfs-ganesha-3.3/src/FSAL/default_methods.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_config.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_convert.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_destroyer.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_helper.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c
Examining data/nfs-ganesha-3.3/src/FSAL/fsal_private.h
Examining data/nfs-ganesha-3.3/src/FSAL/posix_acls.c
Examining data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c
Examining data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/9p_dispatcher.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/9p_rdma_callbacks.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/9p_rdma_dispatcher.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_admin_thread.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_init.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_lib.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_reaper_thread.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback_simulator.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_dispatcher_thread.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_tcp_socket_manager_thread.c
Examining data/nfs-ganesha-3.3/src/MainNFSD/nfs_worker_thread.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_attach.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_auth.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_clunk.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_flush.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_flush_hook.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_fsync.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_getattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_getlock.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_interpreter.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_lcreate.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_link.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_lock.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_lopen.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_mkdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_mknod.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_proto_tools.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_read.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_read_conf.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_readlink.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_remove.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_rename.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_renameat.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_rerror.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_setattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_statfs.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_symlink.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_unlinkat.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_version.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_walk.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_write.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrcreate.c
Examining data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrwalk.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Dump.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Export.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Mnt.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Null.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Umnt.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_UmntAll.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_access.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_commit.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_create.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_fsinfo.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_fsstat.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_getattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_link.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_lookup.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_mkdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_mknod.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_pathconf.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_read.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readdirplus.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readlink.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_remove.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_rename.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_rmdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_setattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_symlink.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_write.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_Compound.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_cb_Compound.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_access.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_allocate.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_bind_conn.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_close.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_commit.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_delegpurge.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_delegreturn.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_clientid.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_session.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_free_stateid.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getdeviceinfo.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getdevicelist.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getfh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_illegal.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_layoutcommit.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_layoutget.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_layoutreturn.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_link.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lock.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lockt.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_locku.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lookup.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lookupp.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_nverify.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open_confirm.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open_downgrade.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_openattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_putfh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_putpubfh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_putrootfh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_read.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_readdir.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_readlink.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_reclaim_complete.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_release_lockowner.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_remove.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_rename.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_renew.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_restorefh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_savefh.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_secinfo.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_secinfo_no_name.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_sequence.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_set_ssv.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_test_stateid.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_verify.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_write.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_xattr.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_pseudo.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_null.c
Examining data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Cancel.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Free_All.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Granted_Res.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Lock.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Null.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Test.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unlock.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_async.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/nsm.c
Examining data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_Null.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_common.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_getactivequota.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_getquota.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_setactivequota.c
Examining data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_setquota.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_mount.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nfs23.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nfsv41.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nlm4.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nsm.c
Examining data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_rquota.c
Examining data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c
Examining data/nfs-ganesha-3.3/src/RPCAL/gss_extra.c
Examining data/nfs-ganesha-3.3/src/RPCAL/nfs_dupreq.c
Examining data/nfs-ganesha-3.3/src/RPCAL/rpc_tools.c
Examining data/nfs-ganesha-3.3/src/SAL/9p_owner.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_lease.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_state.c
Examining data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c
Examining data/nfs-ganesha-3.3/src/SAL/nlm_owner.c
Examining data/nfs-ganesha-3.3/src/SAL/nlm_state.c
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.h
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados.h
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c
Examining data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c
Examining data/nfs-ganesha-3.3/src/SAL/state_async.c
Examining data/nfs-ganesha-3.3/src/SAL/state_deleg.c
Examining data/nfs-ganesha-3.3/src/SAL/state_layout.c
Examining data/nfs-ganesha-3.3/src/SAL/state_lock.c
Examining data/nfs-ganesha-3.3/src/SAL/state_misc.c
Examining data/nfs-ganesha-3.3/src/SAL/state_share.c
Examining data/nfs-ganesha-3.3/src/avl/avl.c
Examining data/nfs-ganesha-3.3/src/avl/bst.c
Examining data/nfs-ganesha-3.3/src/avl/rb.c
Examining data/nfs-ganesha-3.3/src/avl/splay.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_addr.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_compare.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_from_str.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_get.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_inaddr.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_mem.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_misc.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_net.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_num.c
Examining data/nfs-ganesha-3.3/src/cidr/cidr_pow2_p.h
Examining data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c
Examining data/nfs-ganesha-3.3/src/config_parsing/analyse.c
Examining data/nfs-ganesha-3.3/src/config_parsing/analyse.h
Examining data/nfs-ganesha-3.3/src/config_parsing/conf_url.c
Examining data/nfs-ganesha-3.3/src/config_parsing/conf_url_rados.c
Examining data/nfs-ganesha-3.3/src/config_parsing/config_parsing.c
Examining data/nfs-ganesha-3.3/src/config_parsing/test_parse.c
Examining data/nfs-ganesha-3.3/src/config_parsing/verif_syntax.c
Examining data/nfs-ganesha-3.3/src/dbus/dbus_heartbeat.c
Examining data/nfs-ganesha-3.3/src/dbus/dbus_priv.h
Examining data/nfs-ganesha-3.3/src/dbus/dbus_server.c
Examining data/nfs-ganesha-3.3/src/dbus/properties_handler.c
Examining data/nfs-ganesha-3.3/src/dbus/signal_handler.c
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_commit2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_getattrs_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_handle_to_key_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_handle_to_wire_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lock_op2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_read2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readdir_correctness.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readdir_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_release_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_reopen2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_setattr2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/fsal_api/test_write2_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_lookup_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_putfh_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc
Examining data/nfs-ganesha-3.3/src/gtest/test_ci_hash_dist1.cc
Examining data/nfs-ganesha-3.3/src/gtest/test_example.cc
Examining data/nfs-ganesha-3.3/src/gtest/test_rbt.cc
Examining data/nfs-ganesha-3.3/src/hashtable/hashtable.c
Examining data/nfs-ganesha-3.3/src/idmapper/idmapper.c
Examining data/nfs-ganesha-3.3/src/idmapper/idmapper_cache.c
Examining data/nfs-ganesha-3.3/src/include/9p.h
Examining data/nfs-ganesha-3.3/src/include/9p_req_queue.h
Examining data/nfs-ganesha-3.3/src/include/9p_types.h
Examining data/nfs-ganesha-3.3/src/include/Connectathon_config_parsing.h
Examining data/nfs-ganesha-3.3/src/include/FSAL/access_check.h
Examining data/nfs-ganesha-3.3/src/include/FSAL/fsal_commonlib.h
Examining data/nfs-ganesha-3.3/src/include/FSAL/fsal_config.h
Examining data/nfs-ganesha-3.3/src/include/FSAL/fsal_init.h
Examining data/nfs-ganesha-3.3/src/include/abstract_atomic.h
Examining data/nfs-ganesha-3.3/src/include/abstract_mem.h
Examining data/nfs-ganesha-3.3/src/include/atomic_x86_64.h
Examining data/nfs-ganesha-3.3/src/include/avltree.h
Examining data/nfs-ganesha-3.3/src/include/bsd-base64.h
Examining data/nfs-ganesha-3.3/src/include/cidr.h
Examining data/nfs-ganesha-3.3/src/include/city.h
Examining data/nfs-ganesha-3.3/src/include/citycrc.h
Examining data/nfs-ganesha-3.3/src/include/client_mgr.h
Examining data/nfs-ganesha-3.3/src/include/common_utils.h
Examining data/nfs-ganesha-3.3/src/include/conf_url.h
Examining data/nfs-ganesha-3.3/src/include/conf_url_rados.h
Examining data/nfs-ganesha-3.3/src/include/config_parsing.h
Examining data/nfs-ganesha-3.3/src/include/delayed_exec.h
Examining data/nfs-ganesha-3.3/src/include/display.h
Examining data/nfs-ganesha-3.3/src/include/err_inject.h
Examining data/nfs-ganesha-3.3/src/include/export_mgr.h
Examining data/nfs-ganesha-3.3/src/include/extended_types.h
Examining data/nfs-ganesha-3.3/src/include/fridgethr.h
Examining data/nfs-ganesha-3.3/src/include/fsal.h
Examining data/nfs-ganesha-3.3/src/include/fsal_api.h
Examining data/nfs-ganesha-3.3/src/include/fsal_convert.h
Examining data/nfs-ganesha-3.3/src/include/fsal_handle_syscalls.h
Examining data/nfs-ganesha-3.3/src/include/fsal_pnfs.h
Examining data/nfs-ganesha-3.3/src/include/fsal_types.h
Examining data/nfs-ganesha-3.3/src/include/fsal_up.h
Examining data/nfs-ganesha-3.3/src/include/gsh_config.h
Examining data/nfs-ganesha-3.3/src/include/gsh_dbus.h
Examining data/nfs-ganesha-3.3/src/include/gsh_intrinsic.h
Examining data/nfs-ganesha-3.3/src/include/gsh_list.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/fsal_gluster.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/fsal_mem.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/logger.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/mdcache.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/nfs4.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/nfs_rpc.h
Examining data/nfs-ganesha-3.3/src/include/gsh_lttng/state.h
Examining data/nfs-ganesha-3.3/src/include/gsh_refstr.h
Examining data/nfs-ganesha-3.3/src/include/gsh_rpc.h
Examining data/nfs-ganesha-3.3/src/include/gsh_status.h
Examining data/nfs-ganesha-3.3/src/include/gsh_types.h
Examining data/nfs-ganesha-3.3/src/include/gsh_wait_queue.h
Examining data/nfs-ganesha-3.3/src/include/gss_credcache.h
Examining data/nfs-ganesha-3.3/src/include/hashtable.h
Examining data/nfs-ganesha-3.3/src/include/idmapper.h
Examining data/nfs-ganesha-3.3/src/include/log.h
Examining data/nfs-ganesha-3.3/src/include/mdcache.h
Examining data/nfs-ganesha-3.3/src/include/mount.h
Examining data/nfs-ganesha-3.3/src/include/murmur3.h
Examining data/nfs-ganesha-3.3/src/include/netgroup_cache.h
Examining data/nfs-ganesha-3.3/src/include/nfs23.h
Examining data/nfs-ganesha-3.3/src/include/nfs4.h
Examining data/nfs-ganesha-3.3/src/include/nfs4_acls.h
Examining data/nfs-ganesha-3.3/src/include/nfs4_fs_locations.h
Examining data/nfs-ganesha-3.3/src/include/nfs_convert.h
Examining data/nfs-ganesha-3.3/src/include/nfs_core.h
Examining data/nfs-ganesha-3.3/src/include/nfs_creds.h
Examining data/nfs-ganesha-3.3/src/include/nfs_dupreq.h
Examining data/nfs-ganesha-3.3/src/include/nfs_exports.h
Examining data/nfs-ganesha-3.3/src/include/nfs_fh.h
Examining data/nfs-ganesha-3.3/src/include/nfs_file_handle.h
Examining data/nfs-ganesha-3.3/src/include/nfs_init.h
Examining data/nfs-ganesha-3.3/src/include/nfs_ip_stats.h
Examining data/nfs-ganesha-3.3/src/include/nfs_lib.h
Examining data/nfs-ganesha-3.3/src/include/nfs_proto_data.h
Examining data/nfs-ganesha-3.3/src/include/nfs_proto_functions.h
Examining data/nfs-ganesha-3.3/src/include/nfs_proto_tools.h
Examining data/nfs-ganesha-3.3/src/include/nfs_rpc_callback.h
Examining data/nfs-ganesha-3.3/src/include/nfs_rpc_callback_simulator.h
Examining data/nfs-ganesha-3.3/src/include/nfsv41.h
Examining data/nfs-ganesha-3.3/src/include/nlm4.h
Examining data/nfs-ganesha-3.3/src/include/nlm_async.h
Examining data/nfs-ganesha-3.3/src/include/nlm_util.h
Examining data/nfs-ganesha-3.3/src/include/nsm.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/extended_types.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/fsal_handle_syscalls.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/memstream.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/mntent.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/quota.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/syscalls.h
Examining data/nfs-ganesha-3.3/src/include/os/freebsd/xattr.h
Examining data/nfs-ganesha-3.3/src/include/os/linux/extended_types.h
Examining data/nfs-ganesha-3.3/src/include/os/linux/fsal_handle_syscalls.h
Examining data/nfs-ganesha-3.3/src/include/os/linux/quota.h
Examining data/nfs-ganesha-3.3/src/include/os/memstream.h
Examining data/nfs-ganesha-3.3/src/include/os/mntent.h
Examining data/nfs-ganesha-3.3/src/include/os/quota.h
Examining data/nfs-ganesha-3.3/src/include/os/subr.h
Examining data/nfs-ganesha-3.3/src/include/os/xattr.h
Examining data/nfs-ganesha-3.3/src/include/pnfs_utils.h
Examining data/nfs-ganesha-3.3/src/include/posix_acls.h
Examining data/nfs-ganesha-3.3/src/include/rados_grace.h
Examining data/nfs-ganesha-3.3/src/include/rbt_node.h
Examining data/nfs-ganesha-3.3/src/include/rbt_tree.h
Examining data/nfs-ganesha-3.3/src/include/rquota.h
Examining data/nfs-ganesha-3.3/src/include/sal_data.h
Examining data/nfs-ganesha-3.3/src/include/sal_functions.h
Examining data/nfs-ganesha-3.3/src/include/sal_shared.h
Examining data/nfs-ganesha-3.3/src/include/server_stats.h
Examining data/nfs-ganesha-3.3/src/include/server_stats_private.h
Examining data/nfs-ganesha-3.3/src/include/uid2grp.h
Examining data/nfs-ganesha-3.3/src/log/display.c
Examining data/nfs-ganesha-3.3/src/log/log_functions.c
Examining data/nfs-ganesha-3.3/src/log/test_display.c
Examining data/nfs-ganesha-3.3/src/os/freebsd/atsyscalls.c
Examining data/nfs-ganesha-3.3/src/os/freebsd/memstream.c
Examining data/nfs-ganesha-3.3/src/os/freebsd/mntent_compat.c
Examining data/nfs-ganesha-3.3/src/os/freebsd/subr.c
Examining data/nfs-ganesha-3.3/src/os/freebsd/xattr.c
Examining data/nfs-ganesha-3.3/src/os/linux/subr.c
Examining data/nfs-ganesha-3.3/src/support/bsd-base64.c
Examining data/nfs-ganesha-3.3/src/support/city-test.c
Examining data/nfs-ganesha-3.3/src/support/city.c
Examining data/nfs-ganesha-3.3/src/support/client_mgr.c
Examining data/nfs-ganesha-3.3/src/support/delayed_exec.c
Examining data/nfs-ganesha-3.3/src/support/ds.c
Examining data/nfs-ganesha-3.3/src/support/err_inject.c
Examining data/nfs-ganesha-3.3/src/support/export_mgr.c
Examining data/nfs-ganesha-3.3/src/support/exports.c
Examining data/nfs-ganesha-3.3/src/support/fridgethr.c
Examining data/nfs-ganesha-3.3/src/support/misc.c
Examining data/nfs-ganesha-3.3/src/support/murmur3.c
Examining data/nfs-ganesha-3.3/src/support/netgroup_cache.c
Examining data/nfs-ganesha-3.3/src/support/nfs4_acls.c
Examining data/nfs-ganesha-3.3/src/support/nfs4_fs_locations.c
Examining data/nfs-ganesha-3.3/src/support/nfs_convert.c
Examining data/nfs-ganesha-3.3/src/support/nfs_creds.c
Examining data/nfs-ganesha-3.3/src/support/nfs_filehandle_mgmt.c
Examining data/nfs-ganesha-3.3/src/support/nfs_ip_name.c
Examining data/nfs-ganesha-3.3/src/support/nfs_read_conf.c
Examining data/nfs-ganesha-3.3/src/support/rados_grace.c
Examining data/nfs-ganesha-3.3/src/support/refstr.c
Examining data/nfs-ganesha-3.3/src/support/server_stats.c
Examining data/nfs-ganesha-3.3/src/support/strlcpy.c
Examining data/nfs-ganesha-3.3/src/support/strnlen.c
Examining data/nfs-ganesha-3.3/src/support/uid2grp.c
Examining data/nfs-ganesha-3.3/src/support/uid2grp_cache.c
Examining data/nfs-ganesha-3.3/src/test/test_atomic_x86_86.c
Examining data/nfs-ganesha-3.3/src/test/test_avl.c
Examining data/nfs-ganesha-3.3/src/test/test_glist.c
Examining data/nfs-ganesha-3.3/src/test/test_mh_avl.c
Examining data/nfs-ganesha-3.3/src/test/test_url_regex.c
Examining data/nfs-ganesha-3.3/src/tools/ganesha-rados-grace.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c
Examining data/nfs-ganesha-3.3/src/tools/multilock/multilock.h
Examining data/nfs-ganesha-3.3/src/tools/test_findlog.c
Examining data/nfs-ganesha-3.3/src/tracing/fsal_gluster.c
Examining data/nfs-ganesha-3.3/src/tracing/fsal_mem.c
Examining data/nfs-ganesha-3.3/src/tracing/logger.c
Examining data/nfs-ganesha-3.3/src/tracing/mdcache.c
Examining data/nfs-ganesha-3.3/src/tracing/nfs4.c
Examining data/nfs-ganesha-3.3/src/tracing/nfs_rpc.c
Examining data/nfs-ganesha-3.3/src/tracing/state.c
FINAL RESULTS:
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:67:6: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
r = readlink(proclnk, readlink_buf, sizeof(readlink_buf) - 1);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_handle.c:454:40: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = entry->sub_handle->obj_ops->readlink(
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_NULL/handle.c:271:32: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
handle->sub_handle->obj_ops->readlink(handle->sub_handle,
data/nfs-ganesha-3.3/src/FSAL/fsal_helper.c:596:23: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
return obj->obj_ops->readlink(obj, link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc:128:40: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = symlink_test_root->obj_ops->readlink(symlink_test_root, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc:146:30: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = sub_hdl->obj_ops->readlink(sub_hdl, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc:164:42: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = symlink_test_root->obj_ops->readlink(symlink_test_root, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc:204:42: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = symlink_test_root->obj_ops->readlink(symlink_test_root, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readlink_latency.cc:226:32: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = sub_hdl->obj_ops->readlink(sub_hdl, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:136:30: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = symlink->obj_ops->readlink(symlink, &link_content, false);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:173:30: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
status = symlink->obj_ops->readlink(symlink, &link_content, false);
data/nfs-ganesha-3.3/src/include/fsal_api.h:1674:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
fsal_status_t (*readlink)(struct fsal_obj_handle *obj_hdl,
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/main.c:243:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) snprintf(uuid, len, RECLAIM_UUID_PREFIX "%s-%4.4hx", nodeid,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_up.c:95:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) snprintf(thr_name, sizeof(thr_name),
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs_nfs.h:745:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned int access; /* v4maske */
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2336:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
owner_len = snprintf(owner_val, sizeof(owner_val),
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:219:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(RGWFSM.conf_path, F_OK)) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:225:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf(conf_path, "--conf=%s",
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:234:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf(inst_name, "--name=%s",
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:243:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf(cluster, "--cluster=%s",
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:202:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) snprintf(path, size, pathfmt,
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:253:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, usage, exec_name);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_access.c:90:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
nfs_access_op(entry, arg->arg_access3.access,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_access.c:91:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&res->res_access3.ACCESS3res_u.resok.access, NULL);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_access.c:85:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (arg_ACCESS4->access > max_access) {
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_access.c:92:52: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
nfs_access_op(data->current_obj, arg_ACCESS4->access,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_access.c:93:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
&res_ACCESS4->ACCESS4res_u.resok4.access,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:1248:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path_sav, path);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:1920:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!inline_xdr_bool(xdr, &system))
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4070:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
bool nfs4_Fattr_Check_Access_Bitmap(struct bitmap4 *bitmap, int access)
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4082:34: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (((int)fattr4tab[attribute].access & access) != access)
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4082:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (((int)fattr4tab[attribute].access & access) != access)
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4082:54: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (((int)fattr4tab[attribute].access & access) != access)
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4103:49: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
bool nfs4_Fattr_Check_Access(fattr4 *Fattr, int access)
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4105:58: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return nfs4_Fattr_Check_Access_Bitmap(&Fattr->attrmask, access);
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c:86:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
arg->share.access,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c:128:23: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
arg->share.access,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c:85:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
arg->share.access,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c:111:23: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
arg->share.access,
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:88:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, ERR_MSG1, "monitor host");
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:97:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, ERR_MSG1, "remote address");
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:105:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, ERR_MSG1, "local address");
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:112:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, USAGE, argv[0]);
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:118:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, USAGE, argv[0]);
data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nfs23.c:696:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!xdr_nfs3_uint32(xdrs, &objp->access))
data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nfs23.c:705:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!xdr_nfs3_uint32(xdrs, &objp->access))
data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nlm4.c:164:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!xdr_fsh4_access(xdrs, &objp->access))
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:678:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(myhostad, myhostname);
data/nfs-ganesha-3.3/src/RPCAL/gss_extra.c:79:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(outmsg, "%s : untranslatable error", (char *)msg.value);
data/nfs-ganesha-3.3/src/RPCAL/gss_extra.c:83:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(outmsg, "%s : %s ", (char *)msg.value, (char *)msg2.value);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:111:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, tmpbuf);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:138:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, tmpbuf);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:161:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, tmpbuf);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:292:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, tmpbuf);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:341:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, nmstr);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:356:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toret, tmpbuf);
data/nfs-ganesha-3.3/src/config_parsing/analyse.c:102:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_tok->token, token);
data/nfs-ganesha-3.3/src/config_parsing/analyse.c:275:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(fp, fmt, args);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:409:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_INTERFACE_HEAD, (*iface)->name);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:414:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_PROPERTY, (*prop)->name,
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:416:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
prop_access[(*prop)->access]);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:428:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_METHOD_HEAD, mp->name);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:430:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_METHOD_ARG,
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:443:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_SIGNAL_HEAD,
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:447:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, INTROSPECT_SIGNAL_ARG,
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:147:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
name.len = sprintf(namebuf, "%"PRIu32, id);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:263:20: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
new_name.len = sprintf(namebuff, "%"PRIu32, id);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:234:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest, src); \
data/nfs-ganesha-3.3/src/include/fsal_types.h:569:68: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static inline fsal_accessflags_t FSAL_MODE_MASK(fsal_accessflags_t access)
data/nfs-ganesha-3.3/src/include/fsal_types.h:571:22: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned long acc = access & FSAL_MODE_BIT_MASK;
data/nfs-ganesha-3.3/src/include/fsal_types.h:576:68: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static inline fsal_accessflags_t FSAL_ACE4_MASK(fsal_accessflags_t access)
data/nfs-ganesha-3.3/src/include/fsal_types.h:578:22: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned long acc = access & FSAL_ACE4_BIT_MASK;
data/nfs-ganesha-3.3/src/include/fsal_types.h:583:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define FSAL_MODE_MASK_SET(access) (access | FSAL_MODE_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:583:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define FSAL_MODE_MASK_SET(access) (access | FSAL_MODE_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:584:28: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define FSAL_ACE4_MASK_SET(access) (access | FSAL_ACE4_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:584:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define FSAL_ACE4_MASK_SET(access) (access | FSAL_ACE4_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:586:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define IS_FSAL_MODE_MASK_VALID(access) \
data/nfs-ganesha-3.3/src/include/fsal_types.h:587:4: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
((access & FSAL_ACCESS_FLAG_BIT_MASK) == FSAL_MODE_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:588:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define IS_FSAL_ACE4_MASK_VALID(access) \
data/nfs-ganesha-3.3/src/include/fsal_types.h:589:4: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
((access & FSAL_ACCESS_FLAG_BIT_MASK) == FSAL_ACE4_MASK_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:591:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define IS_FSAL_ACE4_REQ(access) (access & FSAL_ACE4_REQ_FLAG)
data/nfs-ganesha-3.3/src/include/fsal_types.h:591:35: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define IS_FSAL_ACE4_REQ(access) (access & FSAL_ACE4_REQ_FLAG)
data/nfs-ganesha-3.3/src/include/gsh_dbus.h:155:21: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
dbus_prop_access_t access;
data/nfs-ganesha-3.3/src/include/log.h:152:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format(printf, 6, 7)));
data/nfs-ganesha-3.3/src/include/nfs23.h:394:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
nfs3_uint32 access;
data/nfs-ganesha-3.3/src/include/nfs23.h:400:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
nfs3_uint32 access;
data/nfs-ganesha-3.3/src/include/nfs_proto_tools.h:95:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
unsigned int access; /* The access type for this attributes */
data/nfs-ganesha-3.3/src/include/nfsv41.h:1166:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint32_t access;
data/nfs-ganesha-3.3/src/include/nfsv41.h:1172:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint32_t access;
data/nfs-ganesha-3.3/src/include/nfsv41.h:5432:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!inline_xdr_u_int32_t(xdrs, &objp->access))
data/nfs-ganesha-3.3/src/include/nfsv41.h:5441:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!inline_xdr_u_int32_t(xdrs, &objp->access))
data/nfs-ganesha-3.3/src/include/nlm4.h:137:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
fsh4_access access;
data/nfs-ganesha-3.3/src/log/display.c:310:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(dspbuf->b_current, b_left, fmt, args);
data/nfs-ganesha-3.3/src/log/log_functions.c:759:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
rc = access(dir, W_OK);
data/nfs-ganesha-3.3/src/log/log_functions.c:1028:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
rc = access(dir, W_OK);
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:190:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hostname, ipstring);
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:178:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf) - 1, fmt, ## args) \
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:182:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int lx = snprintf(buf, left, fmt, ## args); \
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:190:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(output, fmt, ## args); \
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:191:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, fmt, ## args); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:118:14: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
const char *realpath;
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:126:11: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (*(++realpath) != '/') {
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:141:13: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (strstr(realpath, op_ctx->ctx_export->fullpath) != realpath) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:141:56: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (strstr(realpath, op_ctx->ctx_export->fullpath) != realpath) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:150:13: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (strcmp(realpath, "/") == 0) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:156:41: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
rc = fsal_ceph_ll_walk(export->cmount, realpath, &i, &stx,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:127:11: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
memcpy(realpath, glfs_export->export_path,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:131:16: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
dest_path = realpath;
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:138:59: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
glhandle = glfs_h_lookupat(glfs_export->gl_fs->fs, NULL, realpath,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:167:11: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
gsh_free(realpath);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:172:11: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
gsh_free(realpath);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1797:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
async_delay = random() % async_delay;
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1920:49: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
((async_type == MEM_RANDOM_OR_INLINE) && ((random() % 1) == 1))) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:2057:49: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
((async_type == MEM_RANDOM_OR_INLINE) && ((random() % 1) == 1))) {
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:160:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(nfs_ServerEpoch);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:178:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, options)) != EOF) {
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:76:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "p:r:m:l:s:")) != EOF)
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:408:13: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
old_path = realpath(v4_recov_link, old_pathbuf);
data/nfs-ganesha-3.3/src/log/log_functions.c:670:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env_value = getenv(LogComponents[component].comp_name);
data/nfs-ganesha-3.3/src/test/test_atomic_x86_86.c:568:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
res1 = res2 = random(); \
data/nfs-ganesha-3.3/src/test/test_atomic_x86_86.c:569:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
x1 = x2 = random(); \
data/nfs-ganesha-3.3/src/test/test_atomic_x86_86.c:570:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
f1 = f2 = random(); \
data/nfs-ganesha-3.3/src/test/test_avl.c:818:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/nfs-ganesha-3.3/src/tools/ganesha-rados-grace.c:115:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "c:n:o:p:u:", long_options,
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:1197:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, options)) != EOF) {
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:1198:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, options)) != EOF) {
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:1266:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, options)) != EOF) {
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:1156:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, options)) != EOF) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/ds.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_dsh_ops, sizeof(struct fsal_dsh_ops));
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/ds.c:421:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ds->wire, desc->addr, desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/ds.c:427:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_pnfs_ds_ops, sizeof(struct fsal_pnfs_ds_ops));
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c:124:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[NFS4_OPAQUE_LIMIT];
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c:602:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[PATH_MAX];
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c:1035:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_hi, verifier, sizeof(uint32_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c:1036:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_lo, verifier + sizeof(uint32_t), sizeof(uint32_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/handle.c:2495:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, &handle->key, fh_desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/ds.c:282:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/ds.c:298:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(globjhdl, hdl_desc->addr, GFAPI_HANDLE_LENGTH);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/ds.c:320:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_pnfs_ds_ops, sizeof(struct fsal_pnfs_ds_ops));
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:95:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(realpath, glfs_export->export_path,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_path, path + len_mount_path,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:227:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:247:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(globjhdl, fh_desc->addr+GLAPI_UUID_LENGTH, GFAPI_HANDLE_LENGTH);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:299:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:301:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:49:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GLAPI_HANDLE_LENGTH];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:83:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(globjhdl, vol_uuid, GLAPI_UUID_LENGTH);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thr_name[16];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(constructing->globjhdl, vol_uuid, GLAPI_UUID_LENGTH);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.c:146:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(constructing->globjhdl+GLAPI_UUID_LENGTH, globjhdl,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lease_id[GLAPI_LEASE_ID_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.c:204:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lease_id, client_addr, client_addr_len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.h:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lease_id[GLAPI_LEASE_ID_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.h:181:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GLAPI_HANDLE_LENGTH]; /* handle descriptor,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/gluster_internal.h:214:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char gfid[16];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:130:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:222:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[NFS4_OPAQUE_LIMIT];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:465:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:569:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:570:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:696:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_fd->lease_id, src_fd->lease_id, GLAPI_LEASE_ID_SIZE);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1226:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*garray_copy), op_ctx->creds->caller_garray,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(my_fd->lease_id,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1309:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*garray_copy), op_ctx->creds->caller_garray,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1316:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(my_fd->lease_id,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1538:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(my_fd->lease_id, tmp2_fd->lease_id, GLAPI_LEASE_ID_SIZE);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1611:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char globjhdl[GFAPI_HANDLE_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vol_uuid[GLAPI_UUID_LENGTH] = {'\0'};
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:1904:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
goto open;
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:2044:1: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open:
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:2240:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(my_share_fd->lease_id, my_fd->lease_id,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:2932:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lease.lease_id, my_fd.lease_id, GLAPI_LEASE_ID_SIZE);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/handle.c:3437:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, objhandle->globjhdl, fh_size);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:565:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char posix[10] = "POSIX";
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:567:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ds_path_info[MAX_DS_COUNT];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:569:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[16];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:648:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathinfo[1024] = {0, };
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:649:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[256] = {0, };
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/mds.c:676:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/export.c:418:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gpfs_fs->root_fd = open(gpfs_fs->fs->path, O_RDONLY | O_DIRECTORY);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/export.c:509:24: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
map->exp->export_fd = open(op_ctx->ctx_export->fullpath,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[MAXHOSTNAMELEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_ds.c:347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_dsh_ops, sizeof(struct fsal_dsh_ops));
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_ds.c:437:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ds->wire, desc->addr, desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_ds.c:453:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_pnfs_ds_ops, sizeof(struct fsal_pnfs_ds_ops));
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffacl[GPFS_ACL_BUF_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_lookup.c:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused1[8];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_lookup.c:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused2[8];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_mds.c:294:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&gpfs_ds_handle, myself->handle,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_up.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thr_name[16];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/gpfsext.c:175:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
gpfs_fd = open(GPFS_DEVNAMEX, O_RDONLY);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdl->handle, fh, fh->handle_size);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:79:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdl->u.symlink.link_content, link_content, len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:384:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_buff[PATH_MAX];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:449:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:797:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->utf8string_val, name,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:884:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, fh, fh_size);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:1179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_buff[PATH_MAX];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:1192:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh, hdl_desc->addr, hdl_desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char acl_var_data[1]; /* OUTPUT: Remainder of the ACL information. */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:858:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f_fname[32]; /* file system name (usually mount pt.) */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:859:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f_fpack[32]; /* file system pack name */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:885:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[256]; /* null terminated variable length name */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:900:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[1028]; /* null terminated variable length name */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:1081:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opaque[48];
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:3800:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fspathname,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:3802:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classname[18], /* "gold", "silver", or .. "1" or "2" .. */
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:3824:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *fspathname,
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs.h:3826:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classname[18],
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/include/gpfs_nfs.h:158:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char f_handle[OPENHANDLE_HANDLE_LEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/handle.c:397:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[LIZARDFS_MAX_READLINK_LENGTH];
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/handle.c:564:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, &inode, sizeof(liz_inode_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/lzfs_internal.c:87:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(garray + 1,
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/lzfs_internal.c:102:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(garray + 1, cred->caller_garray, sizeof(gid_t) * count);
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_export.c:71:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)base + i * size,
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_export.c:92:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, (uint8_t *)base + i * size, size);
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_export.c:93:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)base + i * size,
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/mds_export.c:96:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)base + j * size, temp, size);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:209:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &myself->obj_handle.fileid, len_fileid);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:211:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len_fileid, myself->m_name,
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:215:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myself->handle, &hashkey, sizeof(hashkey));
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:221:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myself->handle + opaque_bytes_used, &len_name, sizeof(len_name));
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:229:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myself->handle + opaque_bytes_used, myself->m_name, pathlen);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1896:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(read_arg->iov[i].iov_base, myself->data + offset,
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:2030:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myself->data + offset,
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:2279:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, myself->handle, V4_FH_OPAQUE_SIZE);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_int.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[V4_FH_OPAQUE_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_int.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[0]; /* Allocated data */
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:33:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outstr[1024]; \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:56:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op->nfs_argop4_u.opsequence.sa_sessionid, sessionid, \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:124:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(argcompound.argarray.argarray_val[\
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:173:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op->nfs_argop4_u.opclose.open_stateid.other, \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padowner[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padgroup[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfh[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:151:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verif4, fsal_verif, sizeof(fsal_verifier_t)); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(repbuf, &xid, sizeof(xid));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sink[256];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:557:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:781:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pcontext->sendbuf, &recmark, sizeof(recmark));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:913:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, pxy_exp->rpc.pxy_client_sessionid, sizeof(sessionid4));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:924:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, pxy_exp->rpc.pxy_client_sessionid, sizeof(sessionid4));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:985:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_sessionid,
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1020:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientid_name[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1025:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char so_major_id_val[NFS4_OPAQUE_LIMIT];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1026:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eir_server_scope_val[NFS4_OPAQUE_LIMIT];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1030:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[sizeof("255.255.255.255")];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1057:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&clientid.co_verifier, &temp_verifier, sizeof(uint64_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1174:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pxy_exp->rpc.pxy_client_sessionid,
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob_per_file_system_attr[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfilehandle[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfilehandle[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfilehandle[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1641:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfilehandle[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1970:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2013:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2074:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, data, fhs);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padfilehandle[NFS4_FHSIZE]; /* gotten FH */
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner_val[128];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2828:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&extract, cpt, sizeof(unsigned int));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2874:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n->blob.bytes, fh->nfs_fh4_val, fh->nfs_fh4_len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[FATTR_BLOB_SZ];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:3039:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fattr_blob[48]; /* 6 values, 8 bytes each */
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fh_data[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping.c:208:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handle->fh_data, data, datalen);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping.c:349:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fsal_handle->addr, h->fh_data, h->fh_len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:110:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fh4_data[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:170:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dbmap_dir[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:171:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char db_tmpdir[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_file[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fh4_data[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle_str[OPAQUE_BYTES_SIZE(NFS4_FHSIZE)];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:617:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thread_name[32];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:755:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_pattern[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:964:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_task->op_arg.fh_info.fh4_data, data, len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/test_handle_mapping.c:27:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(argv[2])
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/test_handle_mapping_db.c:18:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(argv[2])
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/pxy_fsal_methods.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pxy_hostname[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c:108:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, &hashkey, sizeof(hashkey));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c:114:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + opaque_bytes_used, &len, sizeof(len));
data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + opaque_bytes_used, pathbuf->b_start, pathlen);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/FSAL_PSEUDO/handle.c:620:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, myself->handle, V4_FH_OPAQUE_SIZE);
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/export.c:287:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &fh_hk, desc->addr, desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/handle.c:1630:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr, &(handle->rgw_fh->fh_hk),
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:214:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[5] = { "nfs-ganesha",
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:142:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdl->handle, fh, sizeof(vfs_file_handle_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:183:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdl->u.unopenable.dir, dir_fh,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1144:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(link_content->addr, myself->u.symlink.link_content,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1286:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUF_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entbuf[sizeof(struct dirent)];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1478:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obj->u.unopenable.dir, newdir->handle,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1717:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh_desc->addr,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:1945:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh->handle_data, hdl_desc->addr, hdl_desc->len);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle_syscalls.c:115:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vfs_fs->root_fd = open(vfs_fs->fs->path, O_RDONLY | O_DIRECTORY);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/freebsd/handle_syscalls.c:88:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "\0"; \
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/freebsd/handle_syscalls.c:228:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "\0";
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:87:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u64,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:167:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "\0"; \
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh->handle_data + fh->handle_len,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:241:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh->handle_data + fh->handle_len,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh->handle_data + fh->handle_len,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/os/linux/handle_syscalls.c:311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kernel_fh->f_handle,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_pnfs_ioctl.h:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PAN_FS_CLIENT_IOC_LOOKUP_NAME_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_um_pnfs.c:197:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pan_attrs->acls.aces, args.panfs_acl,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/panfs_um_pnfs.c:216:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args.panfs_acl, pan_attrs->acls.aces,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proclnk[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readlink_buf[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:104:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(proclnk, op_ctx->ctx_export->pseudopath,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:106:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(proclnk + pseudo_length, dirpath, dirpath_len + 1);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/attrs.c:187:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(acldata.aces, fa->fa_acl.aces,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/vfs/attrs.c:217:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fa->fa_acl.aces, attrib->acl->aces,
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xattr_name[XATTR_NAME_SIZE];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[MAXPATHLEN], *ptr;
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:162:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, ptr, len + 1);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[MAXPATHLEN], *ptr;
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char names[MAXPATHLEN], *ptr;
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:380:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr_name[MAXPATHLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:68:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "\0"; \
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:111:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&hdl->ha_fsid, data, sizeof(xfs_fsid_t));
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:165:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fh->handle_data, data, sz);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ldata[MAXPATHLEN + 1];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle_data[sizeof(struct fsal_fsid__)];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:244:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handle_data, &hdl->ha_fsid, sizeof(hdl->ha_fsid));
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(handle_data + sizeof(hdl->ha_fsid),
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle_data[sizeof(struct fsal_fsid__)];
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "\0";
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/handle_syscalls.c:394:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(vfs_fs->fs->path, O_RDONLY | O_DIRECTORY);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/main.c:143:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(temp_name);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:330:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v->namehash, hk, 8);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:360:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:388:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:389:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:436:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:573:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v.namehash, hashbuff, 8);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_hash.h:210:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key->kv.addr, fh_desc->addr, fh_desc->len);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:417:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:836:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:971:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:1056:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.kv.addr, fh_desc->addr, key.kv.len);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:1535:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_dir_entry->name_buffer, name, namesize);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:2223:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_dir_entry->name_buffer, name, namesize);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_int.h:655:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tgt->kv.addr, src->kv.addr, src->kv.len);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_int.h:730:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(dest->addr, src->addr, dest->len);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_lru.c:1633:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nr_open = fopen("/proc/sys/fs/nr_open", "r");
data/nfs-ganesha-3.3/src/FSAL/access_check.c:157:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/nfs-ganesha-3.3/src/FSAL/access_check.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fbuf[16];
data/nfs-ganesha-3.3/src/FSAL/access_check.c:231:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ibuf[16];
data/nfs-ganesha-3.3/src/FSAL/access_check.c:394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/access_check.c:508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/access_check.c:888:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/nfs-ganesha-3.3/src/FSAL/common_pnfs.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuff[v4_addrbuff_len];
data/nfs-ganesha-3.3/src/FSAL/common_pnfs.c:207:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_handle->fsopaque, fh_desc->addr, fh_desc->len);
data/nfs-ganesha-3.3/src/FSAL/common_pnfs.c:283:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/common_pnfs.c:412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&exp->exp_ops, &def_export_ops, sizeof(struct export_ops));
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:552:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:580:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, path, len);
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:596:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/", O_RDONLY | O_NOFOLLOW);
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blanks[1024];
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1805:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1811:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1819:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1823:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(u32),
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1855:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fsid,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:2348:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_hi,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:2351:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_lo,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:3064:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_hi,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:3067:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_lo,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:3097:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_hi,
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:3100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&verf_lo,
data/nfs-ganesha-3.3/src/FSAL/default_methods.c:249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_pnfs_ds_ops, sizeof(struct fsal_pnfs_ds_ops));
data/nfs-ganesha-3.3/src/FSAL/default_methods.c:656:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verf_desc->addr, &NFS4_write_verifier, verf_desc->len);
data/nfs-ganesha-3.3/src/FSAL/default_methods.c:1625:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ops, &def_dsh_ops, sizeof(struct fsal_dsh_ops));
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:410:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fsal_hdl->m_ops, &def_fsal_ops, sizeof(struct fsal_ops));
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:105:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->key, obj->addr, obj->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:161:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->key, obj->addr, obj->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:218:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->key, file->addr, file->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:275:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->key, file->addr, file->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:341:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->data, handle->addr, handle->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_async.c:531:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(args->key, handle->addr, handle->len);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stateid_other[OTHERSIZE]; /*< "Other" part of state id */
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:478:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cb_data->stateid_other, s->stateid_other, OTHERSIZE);
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1020:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[DISPLAY_STATEID_OTHER_SIZE] = "\0";
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/FSAL_UP/fsal_up_top.c:1524:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/MainNFSD/9p_dispatcher.c:71:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *req_q_s[N_REQ_QUEUES] = {
data/nfs-ganesha-3.3/src/MainNFSD/9p_dispatcher.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thr_name[32];
data/nfs-ganesha-3.3/src/MainNFSD/9p_dispatcher.c:534:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char my_name[32];
data/nfs-ganesha-3.3/src/MainNFSD/9p_dispatcher.c:535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strcaller[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/MainNFSD/9p_rdma_dispatcher.c:170:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p_9p_conn->addrpeer, addrpeer,
data/nfs-ganesha-3.3/src/MainNFSD/9p_rdma_dispatcher.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port[6];
data/nfs-ganesha-3.3/src/MainNFSD/nfs_admin_thread.c:166:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, input, size);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_admin_thread.c:170:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gsp.event = atoi(buf);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_admin_thread.c:173:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gsp.nodeid = atoi(gsp.ipaddr);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_init.c:626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char GssError[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/MainNFSD/nfs_lib.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localmachine[MAXHOSTNAMELEN + 1];
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localmachine[MAXHOSTNAMELEN + 1];
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:314:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dev_null_fd = open("/dev/null", O_RDWR);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_main.c:376:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pidfile = open(nfs_pidfile_path, O_CREAT | O_RDWR, 0644);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_reaper_thread.c:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/MainNFSD/nfs_reaper_thread.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:215:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = htons((atoi(p1) << 8) | atoi(p2));
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:215:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = htons((atoi(p1) << 8) | atoi(p2));
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:441:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, qualifier, qualifier_len + 1);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:464:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hprinc[MAXPATHLEN + 1];
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:1049:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sequence->csa_sessionid, session->session_id,
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:1066:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list->rcl_sessionid, refer->session,
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_dispatcher_thread.c:100:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *xprt_stat_s[XPRT_DESTROYED + 1] = {
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_dispatcher_thread.c:1378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_attach.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exppath[MAXPATHLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_interpreter.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char replydata[_9P_MSG_SIZE];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_lcreate.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_link.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link_name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_lock.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_lock.c:140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&client_addr,
data/nfs-ganesha-3.3/src/Protocols/9P/9p_mkdir.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_mknod.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obj_name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_read.c:107:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(databuffer,
data/nfs-ganesha-3.3/src/Protocols/9P/9p_rename.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_renameat.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldname[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_renameat.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_symlink.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symlink_name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_symlink.c:109:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(link_content, linkcontent_str, *linkcontent_len);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_unlinkat.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_walk.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_walk.c:92:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)pnewfid, (char *)pfid, sizeof(struct _9p_fid));
data/nfs-ganesha-3.3/src/Protocols/9P/9p_write.c:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pfid->xattr->xattr_content + *offset,
data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrcreate.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrwalk.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrwalk.c:118:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)pxattrfid, (char *)pfid, sizeof(struct _9p_fid));
data/nfs-ganesha-3.3/src/Protocols/9P/9p_xattrwalk.c:168:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xattr_cursor, xattrs_arr[i].xattr_name, tmplen);
data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Mnt.c:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_commit.c:106:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res->res_commit3.COMMIT3res_u.resok.verf, NFS3_write_verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_create.c:156:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readdir.c:309:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RES_READDIR3_OK->cookieverf, cookie_verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readdirplus.c:373:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resok->cookieverf, cookie_verifier, sizeof(cookieverf3));
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_write.c:85:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resok->verf, NFS3_write_verifier, sizeof(writeverf3));
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_Compound.c:1196:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_Compound.c:1218:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->tagname,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_Compound.c:1487:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_dst, res_src, sizeof(*res_dst));
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_allocate.c:139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_close.c:212:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_CLOSE4->CLOSE4res_u.open_stateid.other,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_client[CLIENTNAME_BUFSIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_clientid4[DISPLAY_CLIENTID_SIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:181:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:388:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_CREATE_SESSION4ok->csr_sessionid,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:430:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:474:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:483:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:509:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:522:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_create_session.c:549:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_clientid.c:71:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_clientid.c:122:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_clientid.c:165:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_destroy_clientid.c:187:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cid_server_owner[MAXNAMLEN+1]; /* max hostname length */
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:355:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unconf->cid_incoming_verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:382:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, cid_server_owner, owner_len + 1);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:392:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, cid_server_owner, owner_len);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:393:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp + owner_len, cid_server_scope_suffix, scope_len + 1);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getdevicelist.c:134:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&res.cookieverf,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getdevicelist.c:169:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resok->gdlr_cookieverf, &res.cookieverf, NFS4_VERIFIER_SIZE);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_getfh.c:108:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_GETFH->GETFH4res_u.resok4.object.nfs_fh4_val,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_layoutget.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refer.session, data->session->session_id, sizeof(sessionid4));
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lock.c:128:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refer.session,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lock.c:243:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_open[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lock.c:246:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_lock[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_lock.c:683:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:385:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:446:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refer.session,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:525:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:526:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:619:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:623:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:918:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:1053:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(refer.session,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_putfh.c:271:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->currentFH.nfs_fh4_val, arg_PUTFH4->object.nfs_fh4_val,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_read.c:510:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_readdir.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val_fh[NFS4_FHSIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_readdir.c:751:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(resok->cookieverf, cookie_verifier, NFS4_VERIFIER_SIZE);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_restorefh.c:109:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->currentFH.nfs_fh4_val, data->savedFH.nfs_fh4_val,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_savefh.c:97:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->savedFH.nfs_fh4_val,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_sequence.c:190:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_SEQUENCE4->SEQUENCE4res_u.sr_resok4.sr_sessionid,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_verifier[OPAQUE_BYTES_SIZE(NFS4_VERIFIER_SIZE)];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_client[NFS4_OPAQUE_LIMIT * 2 + 1];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_clientid4[DISPLAY_CLIENTID_SIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)netid_nc_table[conf->cid_cb.v40.cb_addr.nc]
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:284:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:330:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unconf->cid_incoming_verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:334:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unconf->cid_verifier, verifier, sizeof(NFS4_write_verifier));
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:349:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid.c:362:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_SETCLIENTID4->SETCLIENTID4res_u.resok4.setclientid_confirm,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_verifier[OPAQUE_BYTES_SIZE(NFS4_VERIFIER_SIZE)];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_client[CLIENTNAME_BUFSIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_clientid4[DISPLAY_CLIENTID_SIZE];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:129:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:152:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:346:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:367:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:391:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conf->cid_verifier, unconf->cid_verifier,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:401:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:424:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:452:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_setclientid_confirm.c:477:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_write.c:336:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_xattr.c:308:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res_LISTXATTR4->LISTXATTR4res_u.resok4.lr_cookieverf,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4248:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&len,
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:4289:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&len,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Cancel.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Cancel.c:140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Granted_Res.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Lock.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Lock.c:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c:73:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR];
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Share.c:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oh[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:42:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addrbuf[4];
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:54:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(((struct sockaddr_in *)&name_addr)->sin_addr),
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:70:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(((struct sockaddr_in *)op_ctx->caller_addr)
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:79:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addrbuf[16];
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:93:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(((struct sockaddr_in6 *)&name_addr)->sin6_addr),
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Sm_Notify.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(((struct sockaddr_in6 *)op_ctx->caller_addr)
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Test.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Test.c:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unlock.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unlock.c:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR];
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_Unshare.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oh[MAXNETOBJ_SZ * 2] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_async.c:139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_str[20];
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_async.c:145:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&server_addr,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_async.c:182:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(port_str, "%d",
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c:104:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->n_bytes, data, len);
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->n_bytes, src->n_bytes, src->n_len);
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c:363:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bdat->sbd_prot.sbd_nlm.sbd_nlm_fh_buf,
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_util.c:660:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024] = "\0";
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mon_client[STR_SIZE], mflag = 0;
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_addr_s[STR_SIZE], rflag = 0;
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_addr_s[STR_SIZE], lflag = 0;
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_str[20];
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:79:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:82:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
state = atoi(optarg);
data/nfs-ganesha-3.3/src/Protocols/NLM/sm_notify.c:157:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(port_str, "%d",
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_common.c:48:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_path, exp->fullpath, pathlen);
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_common.c:62:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_path + pathlen, quota_path, qpathlen + 1);
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_getquota.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_setquota.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kt_name[BUFSIZ];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cc_name[BUFSIZ];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:380:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ple->realm, princ->realm.data, princ->realm.length);
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:544:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kt_name[BUFSIZ];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myhostname[NI_MAXHOST], targethostname[NI_MAXHOST];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myhostad[NI_MAXHOST + 1];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:730:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spn[1028];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:851:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1];
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:865:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *svcnames[5] = { "$", "root", "nfs", "host", NULL };
data/nfs-ganesha-3.3/src/RPCAL/gss_extra.c:71:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outmsg, "untranslatable error");
data/nfs-ganesha-3.3/src/RPCAL/nfs_dupreq.c:617:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/RPCAL/nfs_dupreq.c:673:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&drc->d_u.tcp.addr, &drc_k.d_u.tcp.addr,
data/nfs-ganesha-3.3/src/RPCAL/rpc_tools.c:112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, phostaddr->buf, phostaddr->len);
data/nfs-ganesha-3.3/src/RPCAL/rpc_tools.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipname[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/9p_owner.c:112:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/9p_owner.c:113:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/9p_owner.c:274:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key.so_owner.so_9p_owner.client_addr, client_addr,
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:226:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sessionid, clientid, sizeof(clientid4));
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:227:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sessionid + sizeof(clientid4), &seq, sizeof(seq));
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:340:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int nfs41_Session_Get_Pointer(char sessionid[NFS4_SESSIONID_SIZE],
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:391:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int nfs41_Session_Del(char sessionid[NFS4_SESSIONID_SIZE])
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:440:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:441:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:466:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs41_session_id.c:489:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&session->connections[session->num_conn++], &addr, sizeof(addr));
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:267:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:756:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:777:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:868:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:994:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:1060:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:1314:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(verf, &my_verifier, NFS4_VERIFIER_SIZE);
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:1363:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:1394:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_clientid.c:1610:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(record->cr_client_val, value, len);
data/nfs-ganesha-3.3/src/SAL/nfs4_lease.c:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_lease.c:119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_lease.c:152:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:171:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:448:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:467:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:468:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:492:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:562:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(denied->owner.owner.owner_val, holder->so_owner_val,
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:606:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(denied_dst, denied_src, sizeof(*denied_dst));
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:615:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(denied_dst->owner.owner.owner_val,
data/nfs-ganesha-3.3/src/SAL/nfs4_owner.c:706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:669:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rhdlstr[NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:950:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipv4[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:988:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serverip[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:1039:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(haystack, value, len);
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[DISPLAY_STATEID_OTHER_SIZE] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:142:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(pnew_state->state_data), state_data, sizeof(*state_data));
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:679:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:737:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:855:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:1107:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state.c:1108:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char all_zero[OTHERSIZE];
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char all_ones[OTHERSIZE];
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[DISPLAY_STATEID_OTHER_SIZE] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[DISPLAY_STATEID_OTHER_SIZE] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:477:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(other, &clientid->cid_clientid, sizeof(clientid->cid_clientid));
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:479:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(other + sizeof(clientid->cid_clientid), &my_stateid,
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:582:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:724:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:800:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[DISPLAY_STATEID4_SIZE] = "\0";
data/nfs-ganesha-3.3/src/SAL/nfs4_state_id.c:1222:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[DISPLAY_STATEID4_SIZE] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:138:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:332:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:333:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:519:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:520:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:734:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:913:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pclient, &key, sizeof(key));
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:1007:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:1094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:1118:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(key.slc_server_addr), &local_addr,
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:1200:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pclient, &key, sizeof(key));
data/nfs-ganesha-3.3/src/SAL/nlm_state.c:104:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_state.c:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_state.c:240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/nlm_state.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:17:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v4_recov_dir[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:19:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v4_old_dir[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:56:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((!isprint(((char *)value)[i])) ||
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:57:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *)value)[i] == '/'))
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cidstr[PATH_MAX] = { 0, };
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cidstr_lenx[5];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node[14];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:173:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_recov_dir, nfs_v4_recov_root, root_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:175:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_recov_dir + 1 + root_len, nfs_v4_recov_dir, dir_len + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:196:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_old_dir, nfs_v4_recov_root, root_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:198:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_old_dir + 1 + root_len, nfs_v4_old_dir, old_len + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:214:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_recov_dir + 1 + dir_len, node, node_size);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:215:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v4_old_dir + 1 + old_len, node, node_size);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX] = {0};
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:250:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, v4_recov_dir, pathpos + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:270:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:279:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char del_path[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:375:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, parent_path, parent_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:377:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + parent_len + 1, recov_dir + position, segment_len + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:457:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lopath[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:495:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char del_path[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[10];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:611:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(build_clid, clid_str, clid_str_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:613:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(build_clid + clid_str_len,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:673:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, ptr+1, len+1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:674:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cid_len = atoi(temp);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:874:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rhdlstr[NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:875:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX] = {0};
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:892:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, v4_recov_dir, v4_recov_dir_len + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:911:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:915:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos + len, "/\x1", 2);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:916:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos + len + 2,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:931:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + pathpos,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.h:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char v4_recov_dir[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:19:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char v4_recov_link[sizeof(NFS_V4_RECOV_ROOT) +
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:210:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[10];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:248:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(build_clid, clid_str, clid_str_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:250:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(build_clid + clid_str_len,
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:307:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, ptr+1, len+1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:308:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cid_len = atoi(temp);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_pathbuf[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:404:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_link[PATH_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c:253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[RADOS_KV_STARTING_SLOTS];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *vals[RADOS_KV_STARTING_SLOTS];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:85:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if ((!isprint(((char *)value)[i])) ||
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:86:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *)value)[i] == '/'))
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cidstr[PATH_MAX] = { 0, }, *val;
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cidstr_lenx[5];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, str_client_addr, str_client_addr_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:147:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + total_len, "-(", 2);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:149:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + total_len, cidstr_lenx, cidstr_lenx_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:153:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + total_len, cidstr, cidstr_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:155:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + total_len, ")", 2);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *vals[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, val_out, val_len_out+1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:235:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdfhstr[NAME_MAX];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:485:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:545:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dupval, val, val_len);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_takeover[NI_MAXHOST];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:691:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *vals[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *keys[1];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckey[RADOS_KEY_MAX_LEN];
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:246:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dupval, val, val_len);
data/nfs-ganesha-3.3/src/SAL/state_layout.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_layout.c:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:283:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:432:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1214:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LOG_BUFF_LEN / 2] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1399:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffkey.addr, cookie, cookie_size);
data/nfs-ganesha-3.3/src/SAL/state_lock.c:1553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:2858:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:3104:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_lock.c:3224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:997:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:1049:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:1150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(owner, key, sizeof(*key));
data/nfs-ganesha-3.3/src/SAL/state_misc.c:1170:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(owner->so_owner_val,
data/nfs-ganesha-3.3/src/SAL/state_misc.c:1234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/SAL/state_misc.c:1333:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/cidr/cidr_addr.c:20:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toret->mask, addr->mask, (16 * sizeof(toret->mask[0])));
data/nfs-ganesha-3.3/src/cidr/cidr_addr.c:52:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toret->mask, addr->mask, (16 * sizeof(toret->mask[0])));
data/nfs-ganesha-3.3/src/cidr/cidr_get.c:66:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toret, addr->addr, sizeof(addr->addr));
data/nfs-ganesha-3.3/src/cidr/cidr_get.c:79:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toret, addr->mask, sizeof(addr->mask));
data/nfs-ganesha-3.3/src/cidr/cidr_mem.c:26:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toret, src, sizeof(CIDR));
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[128]; /* We shouldn't need more than ~5 anywhere */
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:77:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(toret, "%d.%d.%d.%d.in-addr.arpa",
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:89:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret,
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:92:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "0:0:0:0:0:");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:94:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "::");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:99:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "0000:");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:101:8: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "0:");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:104:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "ffff:");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:110:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%u", (block->addr)[i]);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:137:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%u", moct);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:157:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%u",
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:175:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(toret,
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:257:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(toret, "::");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:289:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%.4x", v6sect);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:291:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%x", v6sect);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:355:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(tmpbuf, "%u", pflen);
data/nfs-ganesha-3.3/src/config_parsing/conf_url.c:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/config_parsing/conf_url_rados.c:207:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, in + m->rm_so, size - 1);
data/nfs-ganesha-3.3/src/config_parsing/conf_url_rados.c:259:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/config_parsing/conf_url_rados.c:279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/nfs-ganesha-3.3/src/config_parsing/config_parsing.c:619:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sock, res->ai_addr, res->ai_addrlen);
data/nfs-ganesha-3.3/src/config_parsing/config_parsing.c:884:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sock, res->ai_addr, res->ai_addrlen);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:149:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefixed_dbus_name, default_name, default_len + 1);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:158:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefixed_dbus_name, default_name, default_len + 1);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefixed_dbus_name, prefix, prefix_len);
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:164:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefixed_dbus_name + prefix_len + 1, default_name,
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixed_dbus_name[NAME_MAX + 1];
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixed_dbus_name[NAME_MAX + 1];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:173:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:184:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:215:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:228:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close2_latency.cc:241:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close_latency.cc:118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close_latency.cc:123:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_close_latency.cc:144:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_getattrs_latency.cc:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_getattrs_latency.cc:163:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i % DIR_COUNT);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_getattrs_latency.cc:214:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_getattrs_latency.cc:218:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i % DIR_COUNT);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:104:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:113:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "file-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:127:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:130:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "file-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:197:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:203:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:216:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:226:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:232:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:245:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:255:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:261:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:274:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:284:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:297:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_link_latency.cc:310:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "link-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:194:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:202:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", FILE_COUNT / 5);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:219:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:230:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i % FILE_COUNT);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:250:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_lookup_latency.cc:264:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i % FILE_COUNT);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:81:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:90:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:104:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:107:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:169:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:176:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:190:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:207:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:221:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:238:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:252:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:273:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mkdir_latency.cc:289:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:82:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:91:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:105:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:108:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:172:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:179:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:194:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:211:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:226:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:236:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:243:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:258:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:282:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_mknode_latency.cc:297:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:185:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:199:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:221:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:236:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:251:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:265:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:280:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:294:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:300:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:313:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_open2_latency.cc:328:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_readdir_correctness.cc:143:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->addr, src->addr, src->len);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN] = TEST_FILE;
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname_new[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:174:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname_new, "nf-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN] = TEST_FILE;
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname_new[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:211:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname_new, "nf-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN] = TEST_FILE;
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:235:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname_new[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:247:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname_new, "nf-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:271:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN] = TEST_FILE;
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:272:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname_new[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:292:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname_new, "nf-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_setattr2_latency.cc:174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_setattr2_latency.cc:178:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_setattr2_latency.cc:228:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_setattr2_latency.cc:232:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:192:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:199:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:214:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:231:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:246:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:256:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:263:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:278:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:288:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:302:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_symlink_latency.cc:317:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "s-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:165:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:174:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:206:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:215:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:237:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:256:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_unlink_latency.cc:265:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "fl-%08x", i);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc:91:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x-%08x", DIR_COUNT / 5, 1);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc:116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc:129:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x-%08x", n, r + 1);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_link_latency.cc:154:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "d-%08x-%08x", n, r + 1);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_lookup_latency.cc:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_lookup_latency.cc:135:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", FILE_COUNT / 5);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_lookup_latency.cc:155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_lookup_latency.cc:167:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", n);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN], fname2[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:148:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", FILE_COUNT / 5);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:149:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname2, "r-%08x", FILE_COUNT / 5);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:175:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[NAMELEN], fname2[NAMELEN];
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:187:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname, "f-%08x", n);
data/nfs-ganesha-3.3/src/gtest/nfs4/test_nfs4_rename_latency.cc:188:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fname2, "r-%08x", n);
data/nfs-ganesha-3.3/src/gtest/test_rbt.cc:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[65536];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:512:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispval[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:615:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispkey[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:616:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispval[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:650:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispkey[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:651:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispval[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:760:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispkey[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:761:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispval[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:917:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispkey[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/hashtable/hashtable.c:919:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dispval[HASHTABLE_DISPLAY_STRLEN];
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:144:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[11];
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cursor, owner_domain.addr,
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_name.addr, "nobody", 6);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:573:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(namebuff, name->addr, name->len);
data/nfs-ganesha-3.3/src/idmapper/idmapper_cache.c:325:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->uname.addr, name->addr, name->len);
data/nfs-ganesha-3.3/src/idmapper/idmapper_cache.c:431:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->gname.addr, name->addr, name->len);
data/nfs-ganesha-3.3/src/idmapper/idmapper_cache.c:766:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(namebuff, user->uname.addr, user->uname.len);
data/nfs-ganesha-3.3/src/include/9p.h:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xattr_name[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/include/9p.h:328:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMLEN+1];
data/nfs-ganesha-3.3/src/include/9p.h:478:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__cursor, __str, __len); \
data/nfs-ganesha-3.3/src/include/9p.h:490:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(__cursor, __buffer, __len); \
data/nfs-ganesha-3.3/src/include/9p.h:833:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, str, len);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:223:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_, s, l); \
data/nfs-ganesha-3.3/src/include/abstract_mem.h:241:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_, s, l); \
data/nfs-ganesha-3.3/src/include/abstract_mem.h:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, p1, len1);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:403:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + len1, p2, len2 + 1);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:414:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, p1, len1);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:416:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path + len1 + 1, p2, len2 + 1);
data/nfs-ganesha-3.3/src/include/client_mgr.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostaddr_str[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/include/fsal_types.h:531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xattr_name[XATTR_NAME_SIZE]; /*< attribute name */
data/nfs-ganesha-3.3/src/include/fsal_types.h:917:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char fsal_verifier_t[NFS4_VERIFIER_SIZE];
data/nfs-ganesha-3.3/src/include/log.h:330:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[buf_size]; \
data/nfs-ganesha-3.3/src/include/log.h:347:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[buf_size]; \
data/nfs-ganesha-3.3/src/include/nfs23.h:32:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char fhandle2[NFS2_FHSIZE];
data/nfs-ganesha-3.3/src/include/nfs23.h:72:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char nfscookie2[NFS2_COOKIESIZE];
data/nfs-ganesha-3.3/src/include/nfs23.h:90:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char cookieverf3[8];
data/nfs-ganesha-3.3/src/include/nfs23.h:92:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char createverf3[8];
data/nfs-ganesha-3.3/src/include/nfs23.h:94:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char writeverf3[8];
data/nfs-ganesha-3.3/src/include/nfs_file_handle.h:223:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR]; \
data/nfs-ganesha-3.3/src/include/nfs_file_handle.h:245:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN_FH_STR]; \
data/nfs-ganesha-3.3/src/include/nfs_file_handle.h:248:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN_FH_STR]; \
data/nfs-ganesha-3.3/src/include/nfs_file_handle.h:273:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR]; \
data/nfs-ganesha-3.3/src/include/nfs_file_handle.h:289:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN_FH_STR]; \
data/nfs-ganesha-3.3/src/include/nfsv41.h:215:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char sessionid4[NFS4_SESSIONID_SIZE];
data/nfs-ganesha-3.3/src/include/nfsv41.h:251:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->utf8string_val, s, l + 1);
data/nfs-ganesha-3.3/src/include/nfsv41.h:260:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char verifier4[NFS4_VERIFIER_SIZE];
data/nfs-ganesha-3.3/src/include/nfsv41.h:426:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char other[12];
data/nfs-ganesha-3.3/src/include/nfsv41.h:481:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char deviceid4[NFS4_DEVICEID4_SIZE];
data/nfs-ganesha-3.3/src/include/nlm4.h:164:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priv[SM_PRIV_SZ];
data/nfs-ganesha-3.3/src/include/nsm.h:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char priv[16];
data/nfs-ganesha-3.3/src/include/os/freebsd/fsal_handle_syscalls.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fid_data[MAXFIDSIZE]; /* data (variable length) */
data/nfs-ganesha-3.3/src/include/os/linux/fsal_handle_syscalls.h:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char f_handle[0];
data/nfs-ganesha-3.3/src/include/os/subr.h:40:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int vfs_utimesat(int fd, const char *path, const struct timespec times[2],
data/nfs-ganesha-3.3/src/include/rados_grace.h:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodeids[1];
data/nfs-ganesha-3.3/src/include/rados_grace.h:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodeids[1];
data/nfs-ganesha-3.3/src/include/rados_grace.h:77:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodeids[1];
data/nfs-ganesha-3.3/src/include/rados_grace.h:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodeids[1];
data/nfs-ganesha-3.3/src/include/rados_grace.h:99:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *nodeids[1];
data/nfs-ganesha-3.3/src/include/sal_data.h:168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_id[NFS4_SESSIONID_SIZE]; /*< Session ID */
data/nfs-ganesha-3.3/src/include/sal_data.h:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl_name[PATH_MAX]; /*< Client name */
data/nfs-ganesha-3.3/src/include/sal_data.h:233:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char v4_old_dir[PATH_MAX];
data/nfs-ganesha-3.3/src/include/sal_data.h:234:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char v4_recov_dir[PATH_MAX];
data/nfs-ganesha-3.3/src/include/sal_data.h:370:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char all_zero[OTHERSIZE];
data/nfs-ganesha-3.3/src/include/sal_data.h:371:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char all_ones[OTHERSIZE];
data/nfs-ganesha-3.3/src/include/sal_data.h:400:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stateid_other[OTHERSIZE]; /**< "Other" part of state id,
data/nfs-ganesha-3.3/src/include/sal_data.h:415:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((id4)->other, (state)->stateid_other, OTHERSIZE); \
data/nfs-ganesha-3.3/src/include/sal_data.h:694:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cb_client_r_addr[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/include/sal_data.h:793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbd_nlm_fh_buf[NFS3_FHSIZE]; /*< Statically allocated
data/nfs-ganesha-3.3/src/include/sal_functions.h:74:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LOG_BUFF_LEN]; \
data/nfs-ganesha-3.3/src/include/sal_functions.h:327:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int nfs41_Session_Get_Pointer(char sessionid[NFS4_SESSIONID_SIZE],
data/nfs-ganesha-3.3/src/include/sal_functions.h:330:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int nfs41_Session_Del(char sessionid[NFS4_SESSIONID_SIZE]);
data/nfs-ganesha-3.3/src/log/display.c:158:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ptr, "...");
data/nfs-ganesha-3.3/src/log/display.c:386:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
display_printf(dspbuf, fmt, ((unsigned char *)value)[i]);
data/nfs-ganesha-3.3/src/log/display.c:441:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (!isprint(((char *)value)[i]))
data/nfs-ganesha-3.3/src/log/display.c:491:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dspbuf->b_current, str, cpy);
data/nfs-ganesha-3.3/src/log/log_functions.c:234:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const_log_str[LOG_BUFF_LEN] = "\0";
data/nfs-ganesha-3.3/src/log/log_functions.c:235:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_time_fmt[MAX_TD_FMT_LEN] = "\0";
data/nfs-ganesha-3.3/src/log/log_functions.c:265:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char program_name[1024];
data/nfs-ganesha-3.3/src/log/log_functions.c:266:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hostname[256];
data/nfs-ganesha-3.3/src/log/log_functions.c:273:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
__thread char thread_name[32];
data/nfs-ganesha-3.3/src/log/log_functions.c:274:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
__thread char log_buffer[LOG_BUFF_LEN + 1];
data/nfs-ganesha-3.3/src/log/log_functions.c:1226:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_WRONLY | O_APPEND | O_CREAT, log_mask);
data/nfs-ganesha-3.3/src/log/log_functions.c:1313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[MAX_TD_FMT_LEN];
data/nfs-ganesha-3.3/src/log/log_functions.c:1346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[MAX_TD_FMT_LEN];
data/nfs-ganesha-3.3/src/log/log_functions.c:2552:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(component_log_level,
data/nfs-ganesha-3.3/src/log/log_functions.c:2651:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open((char *)facility->lf_private,
data/nfs-ganesha-3.3/src/log/test_display.c:15:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/nfs-ganesha-3.3/src/log/test_display.c:17:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[200];
data/nfs-ganesha-3.3/src/log/test_display.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer3[14];
data/nfs-ganesha-3.3/src/os/freebsd/memstream.c:74:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, *ms->cp + ms->offset, tocopy);
data/nfs-ganesha-3.3/src/os/freebsd/memstream.c:92:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*ms->cp + ms->offset, buf, tocopy);
data/nfs-ganesha-3.3/src/os/freebsd/mntent_compat.c:124:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + *pos, s1, newlen + 1);
data/nfs-ganesha-3.3/src/os/freebsd/mntent_compat.c:143:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char opts_buf[40];
data/nfs-ganesha-3.3/src/os/freebsd/subr.c:98:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int vfs_utimesat(int fd, const char *path, const struct timespec ts[2],
data/nfs-ganesha-3.3/src/os/freebsd/xattr.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[EXTATTR_MAXNAMELEN];
data/nfs-ganesha-3.3/src/os/linux/subr.c:90:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int vfs_utimesat(int fd, const char *path, const struct timespec ts[2],
data/nfs-ganesha-3.3/src/support/city-test.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char data[1 << 20];
data/nfs-ganesha-3.3/src/support/city-test.c:61:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + i, &u, 1); /* uint8 -> char */
data/nfs-ganesha-3.3/src/support/city.c:540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[240];
data/nfs-ganesha-3.3/src/support/city.c:542:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, s, len);
data/nfs-ganesha-3.3/src/support/client_mgr.c:303:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cl_addrbuf[sizeof(struct in6_addr)];
data/nfs-ganesha-3.3/src/support/client_mgr.c:320:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((struct sockaddr_in *)sp)->sin_addr,
data/nfs-ganesha-3.3/src/support/client_mgr.c:324:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((struct sockaddr_in6 *)sp)->sin6_addr,
data/nfs-ganesha-3.3/src/support/exports.c:326:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = "\0";
data/nfs-ganesha-3.3/src/support/exports.c:1024:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perms[1024] = "\0";
data/nfs-ganesha-3.3/src/support/exports.c:1395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perms[1024] = "\0";
data/nfs-ganesha-3.3/src/support/exports.c:1456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perms[1024] = "\0";
data/nfs-ganesha-3.3/src/support/exports.c:1482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perms[1024] = "\0";
data/nfs-ganesha-3.3/src/support/exports.c:2510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NI_MAXHOST];
data/nfs-ganesha-3.3/src/support/exports.c:2511:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/exports.c:2743:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ten_bytes_all_0[10];
data/nfs-ganesha-3.3/src/support/exports.c:2773:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring4[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/exports.c:2774:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring6[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/exports.c:2892:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/exports.c:2995:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char perms[1024] = "\0";
data/nfs-ganesha-3.3/src/support/nfs_creds.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char principal[MAXNAMLEN + 1];
data/nfs-ganesha-3.3/src/support/nfs_creds.c:312:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(principal, gd->cname.value, gd->cname.length);
data/nfs-ganesha-3.3/src/support/nfs_creds.c:461:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*garray_copy),
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:210:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nfs_ip_name->hostname, hn, len + 1);
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[SOCK_NAME_MAX];
data/nfs-ganesha-3.3/src/support/rados_grace.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, (char *)&cur, sizeof(cur));
data/nfs-ganesha-3.3/src/support/rados_grace.c:76:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(cur), (char *)&rec, sizeof(rec));
data/nfs-ganesha-3.3/src/support/rados_grace.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:221:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:406:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:481:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, (char *)&tc, sizeof(tc));
data/nfs-ganesha-3.3/src/support/rados_grace.c:482:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(tc), (char *)&tr, sizeof(tr));
data/nfs-ganesha-3.3/src/support/rados_grace.c:562:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(uint64_t) * 2];
data/nfs-ganesha-3.3/src/support/rados_grace.c:687:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, (char *)&tc, sizeof(tc));
data/nfs-ganesha-3.3/src/support/rados_grace.c:688:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + sizeof(tc), (char *)&tr, sizeof(tr));
data/nfs-ganesha-3.3/src/support/uid2grp.c:177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(namebuff, name->addr, name->len);
data/nfs-ganesha-3.3/src/support/uid2grp.c:205:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gdata->uname.addr, p.pw_name, gdata->uname.len);
data/nfs-ganesha-3.3/src/support/uid2grp.c:252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gdata->uname.addr, p.pw_name, gdata->uname.len);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v->hk.k, hk, 8);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:92:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v->hk.k, hk, 8);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v->hk.k, hk, 8);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256];
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:323:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "file%d", ix);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256];
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:348:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "file%d", ix);
data/nfs-ganesha-3.3/src/test/test_url_regex.c:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/test/test_url_regex.c:110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/test/test_url_regex.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/test/test_url_regex.c:142:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[100];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:77:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portstr[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ceph_config[PATH_MAX];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ceph_path[PATH_MAX] = "/";
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[PATH_MAX];
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:1227:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(optarg, "r");
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:1247:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:520:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:598:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last[MAXXFER]; /* last command sent */
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:1210:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:1222:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(optarg, "r");
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errdetail[MAXSTR * 2 + 1];
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:51:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char badtoken[MAXSTR + 1];
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:894:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:1569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portstr[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:77:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char volname[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char glusterserver[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:273:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[PATH_MAX];
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:1301:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(optarg, "r");
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:1321:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:71:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:72:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portstr[MAXSTR];
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXXFER];
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:259:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(resp->r_data, resp->r_flags);
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:261:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(resp->r_data, resp->r_flags, resp->r_mode);
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:1192:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(optarg, "r");
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:1212:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(optarg);
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_name[MAXSTR+1];
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:145:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char errdetail[MAXSTR * 2 + 1];
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:146:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char badtoken[MAXSTR + 1];
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, len); \
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_data[MAXDATA];
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r_original[MAXXFER];
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/export.c:147:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
realpath += strlen(op_ctx->ctx_export->fullpath);
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/main.c:101:35: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
ceph_fsal_module, fsal.fs_info.umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/main.c:241:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(RECLAIM_UUID_PREFIX) + strlen(nodeid) + 1 + 4 + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_CEPH/main.c:241:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(RECLAIM_UUID_PREFIX) + strlen(nodeid) + 1 + 4 + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:108:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len_export_path = strlen(glfs_export->export_path);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:109:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len_path = strlen(path);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/export.c:110:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len_mount_path = strlen(glfs_export->mount_path);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:227:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(gl_fs->up_poll_usec);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GLUSTER/fsal_up.c:236:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(gl_fs->up_poll_usec);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c:94:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
attrs->fs_locations->server[0].utf8string_len = strlen(server);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_attrs.c:96:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gsh_memdup(server, strlen(server));
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:186:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
harg.len = strlen(fs_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:247:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linkarg.len = strlen(link_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:279:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
statarg.len = strlen(stat_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:311:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
statarg.len = strlen(stat_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:357:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
crarg.len = strlen(stat_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:389:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
crarg.len = strlen(stat_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:428:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
renamearg.old_len = strlen(old_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/fsal_internal.c:430:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
renamearg.new_len = strlen(new_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:76:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(link_content) + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/handle.c:399:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
myself->u.symlink.link_size = strlen(link_buff) + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/main.c:94:31: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
fsal_staticfsinfo_t, umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_GPFS/main.c:140:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
targ.len = strlen(compstr);
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/export.c:118:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
real_path += strlen(op_ctx->ctx_export->fullpath);
data/nfs-ganesha-3.3/src/FSAL/FSAL_LIZARDFS/main.c:65:50: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
CONF_ITEM_MODE("umask", 0, fsal_staticfsinfo_t, umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:210:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_name = strlen(myself->m_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:261:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirent->d_index = CityHash64(name, strlen(name));
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1155:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
link_content->len = strlen(myself->mh_symlink.link_contents) + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1802:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(async_delay);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:1956:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(async_stall_delay);
data/nfs-ganesha-3.3/src/FSAL/FSAL_MEM/mem_handle.c:2093:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(async_stall_delay);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:228:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.oplookup.objname.utf8string_len = strlen(name); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:263:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(argcompound.argarray.argarray_val[\
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:340:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:349:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.opcreate.objname.utf8string_len = strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:361:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.opcreate.objname.utf8string_len = strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:373:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linkdata.utf8string_len = strlen(incontent); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:375:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.opcreate.objname.utf8string_len = strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:384:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.oplink.newname.utf8string_len = strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:392:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.opremove.target.utf8string_len = strlen(inname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:400:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.oprename.oldname.utf8string_len = strlen(inoldname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/fsal_nfsv4_macros.h:402:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
op->nfs_argop4_u.oprename.newname.utf8string_len = strlen(innewname); \
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:384:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int bc = read(sock, repbuf, sz);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:413:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int bc = read(pxy_exp->rpc.rpc_sock, buf + cnt, 8 - cnt);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:447:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rb = read(pxy_exp->rpc.rpc_sock, sink, rb);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:1051:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clientid.co_ownerid.co_ownerid_len = strlen(clientid_name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle.c:2366:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
claim.open_claim4_u.file.utf8string_len = strlen(name);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/handle_mapping/handle_mapping_db.c:431:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(fsal_handle_str);
data/nfs-ganesha-3.3/src/FSAL/FSAL_PROXY/main.c:96:20: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
module.fs_info.umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/export.c:114:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(path, "/") && !strcmp((path + strlen(path) - 1), "/")) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/export.c:126:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
global_dir = path + strlen(bucket_name) + 1;
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:100:34: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
rgw_fsal_module, fsal.fs_info.umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:223:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clen = strlen(RGWFSM.conf_path) + 8;
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:232:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clen = strlen(RGWFSM.name) + 8;
data/nfs-ganesha-3.3/src/FSAL/FSAL_RGW/main.c:241:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clen = strlen(RGWFSM.cluster) + 8;
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/handle.c:228:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fsloc->rootpath) + 2;
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/panfs/main.c:96:25: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
module.fs_info.umask),
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:88:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pseudo_length = strlen(
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/subfsal_helpers.c:90:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t fullpath_length = strlen(
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:158:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:190:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i++, ptr += strlen(ptr) + 1) {
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xattrs.c:269:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr);
data/nfs-ganesha-3.3/src/FSAL/FSAL_VFS/xfs/main.c:99:25: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
module.fs_info.umask),
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:329:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MurmurHash3_x64_128(v->name, strlen(v->name), 67, hk);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:332:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
v->namehash = CityHash64WithSeed(v->name, strlen(v->name), 67);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_avl.c:563:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(name);
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:1514:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namesize = strlen(name) + 1;
data/nfs-ganesha-3.3/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_helpers.c:2154:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namesize = strlen(name) + 1;
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:464:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
fsal->fs_info.umask);
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:570:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(path);
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1091:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fs->pathlen = strlen(mnt->mnt_dir);
data/nfs-ganesha-3.3/src/FSAL/commonlib.c:1677:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = process_claim(path, strlen(path), root, fsal,
data/nfs-ganesha-3.3/src/FSAL/fsal_config.c:158:15: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
return info->umask;
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:197:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(nfs_param.core_param.ganesha_modules_loc)
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:198:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(name)
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:199:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(pathfmt) + 1;
data/nfs-ganesha-3.3/src/FSAL/fsal_manager.c:527:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name == NULL || strlen(name) == 0) {
data/nfs-ganesha-3.3/src/MainNFSD/nfs_admin_thread.c:162:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(input) + 1;
data/nfs-ganesha-3.3/src/MainNFSD/nfs_init.c:674:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nfs_param.krb5_param.svc.principal) + 1;
data/nfs-ganesha-3.3/src/MainNFSD/nfs_init.c:903:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0000);
data/nfs-ganesha-3.3/src/MainNFSD/nfs_rpc_callback.c:427:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int qualifier_len = strlen(qualifier);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:94:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int name_len = strlen(cb_parms->name);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:240:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DT_DIR, strlen(pathdot), pathdot);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:241:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcount += 24 + strlen(pathdot);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:246:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
2LL, DT_DIR, strlen(pathdotdot), pathdotdot);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:247:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcount += 24 + strlen(pathdotdot);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:264:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
2LL, DT_DIR, strlen(pathdotdot), pathdotdot);
data/nfs-ganesha-3.3/src/Protocols/9P/9p_readdir.c:265:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcount += 24 + strlen(pathdotdot);
data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Mnt.c:88:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(arg->arg_mnt) > 1) &&
data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Mnt.c:89:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg->arg_mnt[strlen(arg->arg_mnt) - 1] == '/'))
data/nfs-ganesha-3.3/src/Protocols/NFS/mnt_Mnt.c:90:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg->arg_mnt[strlen(arg->arg_mnt) - 1] = '\0';
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs3_readdir.c:375:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(cb_parms->name);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:155:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
owner_len = strlen(cid_server_owner);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_exchange_id.c:156:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scope_len = strlen(cid_server_scope_suffix);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_open.c:433:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&resok->delegation.open_delegation4_u.read;
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_read.c:296:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nfs_status = data->current_ds->dsh_ops.read(
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_op_readdir.c:317:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name.utf8string_len = strlen(cb_parms->name);
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_pseudo.c:107:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pos = pseudopath + strlen(pseudopath) - 1;
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs4_pseudo.c:374:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(op_ctx->ctx_export->pseudopath) + 1;
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:1242:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(token) > 0) {
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:1255:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(token) > 0) {
data/nfs-ganesha-3.3/src/Protocols/NFS/nfs_proto_tools.c:1259:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
token, strlen(token));
data/nfs-ganesha-3.3/src/Protocols/NLM/nlm_async.c:205:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_common.c:43:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(exp->fullpath);
data/nfs-ganesha-3.3/src/Protocols/RQUOTA/rquota_common.c:56:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qpathlen = strlen(quota_path);
data/nfs-ganesha-3.3/src/Protocols/XDR/xdr_nfs23.c:787:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(lkhd->read)++;
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:495:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(realm) == p->realm.length)
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:497:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& (strlen(service) == p->data[0].length)
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:746:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
context, &princ, strlen(realm), realm,
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:747:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(myhostad), myhostad, NULL);
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:759:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
context, &princ, strlen(realm), realm,
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:760:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(svcnames[j]), svcnames[j],
data/nfs-ganesha-3.3/src/RPCAL/gss_credcache.c:761:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(myhostname), myhostname, NULL);
data/nfs-ganesha-3.3/src/SAL/nfs4_recovery.c:1035:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ip) == 0) /* No IP all are matching */
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:828:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.ssc_nlm_caller_name_len = strlen(caller_name);
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:841:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.ssc_nlm_caller_name_len = strlen(key.ssc_nlm_caller_name);
data/nfs-ganesha-3.3/src/SAL/nlm_owner.c:1110:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.slc_nlm_caller_name_len = strlen(caller_name);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:102:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cidstr_len = strlen(cidstr);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:103:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_client_addr_len = strlen(str_client_addr);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:164:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
root_len = strlen(nfs_v4_recov_root);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:165:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir_len = strlen(nfs_v4_recov_dir);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:187:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
root_len = strlen(nfs_v4_recov_root);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:188:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_len = strlen(nfs_v4_old_dir);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:244:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathpos = strlen(v4_recov_dir);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:252:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(clientid->cid_recov_tag);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:406:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
recov_dir, strlen(recov_dir),
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:558:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int clid_str_len = (clid_str == NULL) ? 0 : strlen(clid_str);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:586:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
segment_len = strlen(dentp->d_name);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:675:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr2);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:885:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rhdlstr_len = strlen(rhdlstr);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs.c:895:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(delr_clid->cid_recov_tag);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:213:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int clid_str_len = clid_str ? strlen(clid_str) : 0;
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:241:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
segment_len = strlen(dentp->d_name);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:272:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(build_clid) >= PATH_MAX) {
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_fs_ng.c:309:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr2);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c:183:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = 4 + 16 + 1 + strlen(nodeid) + 1;
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_cluster.c:315:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = 4 + 16 + 1 + strlen(nodeid) + 1;
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:121:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_client_addr_len = strlen(str_client_addr);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:175:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[0] = strlen(val);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:308:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen = RADOS_VAL_MAX_LEN - (strlen(val) + 1);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:309:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(val, "#", buflen);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:311:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(val, rdfhstr, buflen);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_kv.c:424:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
host_len = strlen(host);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:60:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lens[0] = strlen(val);
data/nfs-ganesha-3.3/src/SAL/recovery/recovery_rados_ng.c:147:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(host) + 6 + 1;
data/nfs-ganesha-3.3/src/cidr/cidr_from_str.c:27:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
alen = strlen(addr);
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:113:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(toret, ".");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:125:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(toret, "/");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:140:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(toret, ".");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:271:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(toret, ":");
data/nfs-ganesha-3.3/src/cidr/cidr_to_str.c:303:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(toret, "/");
data/nfs-ganesha-3.3/src/config_parsing/analyse.c:64:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(token) + 1));
data/nfs-ganesha-3.3/src/config_parsing/analyse.c:103:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (new_tok->token[strlen(new_tok->token) - 1] == '\'')
data/nfs-ganesha-3.3/src/config_parsing/analyse.c:104:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_tok->token[strlen(new_tok->token) - 1] = '\0';
data/nfs-ganesha-3.3/src/config_parsing/config_parsing.c:179:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[strlen(buf) -1] == ' ') {
data/nfs-ganesha-3.3/src/dbus/dbus_server.c:138:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int prefix_len, total_len, default_len = strlen(default_name);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:179:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, fname_new, NAMELEN);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:215:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, fname_new, NAMELEN);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:252:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, fname_new, NAMELEN);
data/nfs-ganesha-3.3/src/gtest/fsal_api/test_rename_latency.cc:296:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fname, fname_new, NAMELEN);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:107:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
owner_domain.len = strlen(owner_domain.addr);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:113:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
owner_domain.len = strlen(nfs_param.nfsv4_param.domainname);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:218:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_name.len = strlen(namebuff);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:244:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_name.len = strlen(namebuff);
data/nfs-ganesha-3.3/src/idmapper/idmapper.c:742:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.len = strlen(principal)
data/nfs-ganesha-3.3/src/include/abstract_mem.h:233:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *dest = alloca(strlen(src) + 1); \
data/nfs-ganesha-3.3/src/include/abstract_mem.h:398:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(p1);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:399:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(p2);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:410:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = strlen(p1);
data/nfs-ganesha-3.3/src/include/abstract_mem.h:411:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(p2);
data/nfs-ganesha-3.3/src/include/display.h:140:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(dspbuf->b_start);
data/nfs-ganesha-3.3/src/include/display.h:244:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return display_len_cat(dspbuf, str, strlen(str));
data/nfs-ganesha-3.3/src/include/fsal_api.h:2666:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nfsstat4(*read)(struct fsal_ds_handle *const ds_hdl,
data/nfs-ganesha-3.3/src/include/fsal_types.h:708:11: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
uint32_t umask; /*< This mask is applied to the mode of created
data/nfs-ganesha-3.3/src/include/gsh_rpc.h:58:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint16_t read;
data/nfs-ganesha-3.3/src/include/nfsv41.h:1592:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
open_read_delegation4 read;
data/nfs-ganesha-3.3/src/include/nfsv41.h:6237:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&objp->open_delegation4_u.read))
data/nfs-ganesha-3.3/src/include/nfsv41.h:8310:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(lkhd->read)++;
data/nfs-ganesha-3.3/src/include/nfsv41.h:8481:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(lkhd->read)++;
data/nfs-ganesha-3.3/src/log/log_functions.c:659:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
date_time_fmt[strlen(date_time_fmt) - 1] == ' ')
data/nfs-ganesha-3.3/src/log/log_functions.c:660:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
date_time_fmt[strlen(date_time_fmt) - 1] = '\0';
data/nfs-ganesha-3.3/src/log/log_functions.c:752:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(private) >= MAXPATHLEN) {
data/nfs-ganesha-3.3/src/log/log_functions.c:1009:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dest) >= MAXPATHLEN) {
data/nfs-ganesha-3.3/src/log/test_display.c:6:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dspbuf->b_start), dspbuf->b_start);
data/nfs-ganesha-3.3/src/log/test_display.c:49:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display, opaque1, strlen(opaque1));
data/nfs-ganesha-3.3/src/log/test_display.c:52:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display, opaque2, strlen(opaque2));
data/nfs-ganesha-3.3/src/log/test_display.c:55:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display, opaque3, strlen(opaque3) + 3);
data/nfs-ganesha-3.3/src/log/test_display.c:58:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display2, opaque1, strlen(opaque1));
data/nfs-ganesha-3.3/src/log/test_display.c:61:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display2, opaque2, strlen(opaque2));
data/nfs-ganesha-3.3/src/log/test_display.c:64:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display2, opaque3, strlen(opaque3) + 3);
data/nfs-ganesha-3.3/src/log/test_display.c:67:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display2, opaque4, strlen(opaque4));
data/nfs-ganesha-3.3/src/log/test_display.c:71:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display3, opaque1, strlen(opaque1));
data/nfs-ganesha-3.3/src/log/test_display.c:74:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display3, opaque2, strlen(opaque2));
data/nfs-ganesha-3.3/src/log/test_display.c:77:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)display_opaque_value(&display3, opaque3, strlen(opaque3) + 3);
data/nfs-ganesha-3.3/src/os/freebsd/mntent_compat.c:116:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(s1);
data/nfs-ganesha-3.3/src/support/export_mgr.c:405:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len_path = strlen(path);
data/nfs-ganesha-3.3/src/support/export_mgr.c:420:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_export = strlen(export->fullpath);
data/nfs-ganesha-3.3/src/support/export_mgr.c:511:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len_path = strlen(path);
data/nfs-ganesha-3.3/src/support/export_mgr.c:530:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_export = strlen(export->pseudopath);
data/nfs-ganesha-3.3/src/support/export_mgr.c:1101:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(conf_errs.buf) > 0) {
data/nfs-ganesha-3.3/src/support/export_mgr.c:1102:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_size += (strlen(conf_errs.buf)
data/nfs-ganesha-3.3/src/support/export_mgr.c:1103:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(". Errors found:\n"));
data/nfs-ganesha-3.3/src/support/export_mgr.c:1654:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(conf_errs.buf) > 0) {
data/nfs-ganesha-3.3/src/support/export_mgr.c:1655:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_size += (strlen(conf_errs.buf)
data/nfs-ganesha-3.3/src/support/export_mgr.c:1656:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(". Errors found:\n"));
data/nfs-ganesha-3.3/src/support/exports.c:441:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(client_tok) > MAXHOSTNAMELEN) {
data/nfs-ganesha-3.3/src/support/exports.c:490:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(client_tok) > MAXHOSTNAMELEN) {
data/nfs-ganesha-3.3/src/support/exports.c:701:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(export->fullpath);
data/nfs-ganesha-3.3/src/support/exports.c:712:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(export->pseudopath);
data/nfs-ganesha-3.3/src/support/netgroup_cache.c:158:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->ng_group.len = strlen(group)+1;
data/nfs-ganesha-3.3/src/support/netgroup_cache.c:160:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->ng_host.len = strlen(host)+1;
data/nfs-ganesha-3.3/src/support/netgroup_cache.c:200:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.ng_group.len = strlen(group)+1,
data/nfs-ganesha-3.3/src/support/netgroup_cache.c:202:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.ng_host.len = strlen(host)+1
data/nfs-ganesha-3.3/src/support/nfs_ip_name.c:204:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(hn);
data/nfs-ganesha-3.3/src/support/server_stats.c:349:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
struct xfer_op read;
data/nfs-ganesha-3.3/src/support/server_stats.c:389:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
struct xfer_op read;
data/nfs-ganesha-3.3/src/support/server_stats.c:396:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
struct xfer_op read;
data/nfs-ganesha-3.3/src/support/server_stats.c:421:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
struct xfer_op read;
data/nfs-ganesha-3.3/src/support/server_stats.c:696:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iop = is_write ? &sp->write : &sp->read;
data/nfs-ganesha-3.3/src/support/server_stats.c:701:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iop = is_write ? &sp->write : &sp->read;
data/nfs-ganesha-3.3/src/support/server_stats.c:705:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iop = is_write ? &sp->write : &sp->read;
data/nfs-ganesha-3.3/src/support/server_stats.c:709:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iop = is_write ? &sp->write : &sp->read;
data/nfs-ganesha-3.3/src/support/server_stats.c:719:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iop = is_write ? &sp->write : &sp->read;
data/nfs-ganesha-3.3/src/support/server_stats.c:857:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reset_xfer_op(&nfsv3->read);
data/nfs-ganesha-3.3/src/support/server_stats.c:872:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reset_xfer_op(&nfsv40->read);
data/nfs-ganesha-3.3/src/support/server_stats.c:888:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reset_xfer_op(&nfsv41->read);
data/nfs-ganesha-3.3/src/support/server_stats.c:957:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reset_xfer_op(&_9p->read);
data/nfs-ganesha-3.3/src/support/server_stats.c:1020:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
record_latency(&sp->read.cmd, request_time,
data/nfs-ganesha-3.3/src/support/server_stats.c:1043:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
record_latency(&sp->read.cmd, request_time,
data/nfs-ganesha-3.3/src/support/server_stats.c:1069:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
record_latency(&sp->read.cmd, request_time,
data/nfs-ganesha-3.3/src/support/server_stats.c:1249:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
record_latency(&sp->read.cmd, request_time,
data/nfs-ganesha-3.3/src/support/server_stats.c:1928:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv3->read, iter, false);
data/nfs-ganesha-3.3/src/support/server_stats.c:1937:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv40->read, iter, false);
data/nfs-ganesha-3.3/src/support/server_stats.c:1946:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv41->read, iter, false);
data/nfs-ganesha-3.3/src/support/server_stats.c:1956:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv42->read, iter, false);
data/nfs-ganesha-3.3/src/support/server_stats.c:2103:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv3->read, iter, true);
data/nfs-ganesha-3.3/src/support/server_stats.c:2112:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv40->read, iter, true);
data/nfs-ganesha-3.3/src/support/server_stats.c:2121:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv41->read, iter, true);
data/nfs-ganesha-3.3/src/support/server_stats.c:2131:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_cexop_stats(&st->nfsv42->read, iter, true);
data/nfs-ganesha-3.3/src/support/server_stats.c:2313:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(&v3p->read, iter);
data/nfs-ganesha-3.3/src/support/server_stats.c:2320:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(&v40p->read, iter);
data/nfs-ganesha-3.3/src/support/server_stats.c:2327:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(&v41p->read, iter);
data/nfs-ganesha-3.3/src/support/server_stats.c:2334:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(&v42p->read, iter);
data/nfs-ganesha-3.3/src/support/server_stats.c:2339:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const char *protocolversion, struct xfer_op *read,
data/nfs-ganesha-3.3/src/support/server_stats.c:2356:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(read, &struct_iter);
data/nfs-ganesha-3.3/src/support/server_stats.c:2383:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&(export_statistics->st.nfsv3->read),
data/nfs-ganesha-3.3/src/support/server_stats.c:2391:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&(export_statistics->st.nfsv40->read),
data/nfs-ganesha-3.3/src/support/server_stats.c:2399:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&(export_statistics->st.nfsv41->read),
data/nfs-ganesha-3.3/src/support/server_stats.c:2407:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&(export_statistics->st.nfsv42->read),
data/nfs-ganesha-3.3/src/support/server_stats.c:2524:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
server_dbus_iostats(&_9pp->read, iter);
data/nfs-ganesha-3.3/src/support/uid2grp.c:201:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdata = gsh_malloc(sizeof(struct group_data) + strlen(p.pw_name));
data/nfs-ganesha-3.3/src/support/uid2grp.c:203:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdata->uname.len = strlen(p.pw_name);
data/nfs-ganesha-3.3/src/support/uid2grp.c:248:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdata = gsh_malloc(sizeof(struct group_data) + strlen(p.pw_name));
data/nfs-ganesha-3.3/src/support/uid2grp.c:250:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gdata->uname.len = strlen(p.pw_name);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:77:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MurmurHash3_x64_128(v->name, strlen(v->name), 67, hk);
data/nfs-ganesha-3.3/src/test/test_mh_avl.c:118:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MurmurHash3_x64_128(v->name, strlen(v->name), 67, hk);
data/nfs-ganesha-3.3/src/tools/multilock/ml_cephfs_client.c:391:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp->r_length = strlen(resp->r_data);
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:282:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(errdetail);
data/nfs-ganesha-3.3/src/tools/multilock/ml_console.c:1033:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ms.len = strlen(ms.line);
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:177:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:321:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(client->c_name) != len)
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:643:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cmp_status) != len)
data/nfs-ganesha-3.3/src/tools/multilock/ml_functions.c:1107:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rest += strlen(rest);
data/nfs-ganesha-3.3/src/tools/multilock/ml_glusterfs_client.c:399:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp->r_length = strlen(resp->r_data);
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:349:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fno[resp->r_fpos], resp->r_data, resp->r_length);
data/nfs-ganesha-3.3/src/tools/multilock/ml_posix_client.c:360:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
resp->r_length = strlen(resp->r_data);
data/nfs-ganesha-3.3/src/tools/multilock/multilock.h:164:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, sizeof(dest) - 1); \
ANALYSIS SUMMARY:
Hits = 1399
Lines analyzed = 254846 in approximately 5.60 seconds (45545 lines/second)
Physical Source Lines of Code (SLOC) = 160607
Hits@level = [0] 324 [1] 267 [2] 1004 [3] 28 [4] 88 [5] 12
Hits@level+ = [0+] 1723 [1+] 1399 [2+] 1132 [3+] 128 [4+] 100 [5+] 12
Hits/KSLOC@level+ = [0+] 10.7281 [1+] 8.7107 [2+] 7.04826 [3+] 0.796976 [4+] 0.622638 [5+] 0.0747165
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.