Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setlevel.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-domainmatch.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-patternize.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.h Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-diffpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.h Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-loadpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-selectpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-pstree.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-findtemp.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-sortpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setprofile.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-savepolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_color.c Examining data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-exec-param.c Examining data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c Examining data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c Examining data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c Examining data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c Examining data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c Examining data/tomoyo-tools-2.6.0-20190305/examples/env_chk.c Examining data/tomoyo-tools-2.6.0-20190305/examples/falsh.c Examining data/tomoyo-tools-2.6.0-20190305/examples/candy.c Examining data/tomoyo-tools-2.6.0-20190305/examples/checktoken.c Examining data/tomoyo-tools-2.6.0-20190305/examples/chaplet.c Examining data/tomoyo-tools-2.6.0-20190305/examples/gettoken.c Examining data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c Examining data/tomoyo-tools-2.6.0-20190305/examples/proxy.c Examining data/tomoyo-tools-2.6.0-20190305/examples/honey.c Examining data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c Examining data/tomoyo-tools-2.6.0-20190305/examples/groovy.c Examining data/tomoyo-tools-2.6.0-20190305/examples/statvfs.c Examining data/tomoyo-tools-2.6.0-20190305/examples/from-where.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/dummyfs.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/newns.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/generate_execve_log.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_io_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_env_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_network_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_accept_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c Examining data/tomoyo-tools-2.6.0-20190305/kernel_test/patterntest.c FINAL RESULTS: data/tomoyo-tools-2.6.0-20190305/examples/from-where.c:89:7: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(buffer, buffer2, sizeof(buffer2) - 1) <= 0) data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:123:11: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. result = chmod("/dev/null", 0666); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:128:11: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. result = chown("/dev/null", 0, -1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:133:11: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. result = chown("/dev/null", -1, 0); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:85:7: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(dir, pwd, pwd_len - 1) < 1) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1344:18: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. close_file(fp, !chmod("editpolicy.tmp", 0644), "editpolicy.tmp", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1426:18: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. close_file(fp, !chmod("auditd.tmp", 0644), "auditd.tmp", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1546:18: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. close_file(fp, !chmod("patternize.tmp", 0644), "patternize.tmp", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1623:18: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. close_file(fp, !chmod("notifyd.tmp", 0644), "notifyd.tmp", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:78:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(buffer, test, sizeof(test)) <= 0) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1525:9: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(buffer, test, sizeof(test)) <= 0) data/tomoyo-tools-2.6.0-20190305/examples/candy.c:88:6: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(shell, shell, NULL); data/tomoyo-tools-2.6.0-20190305/examples/chaplet.c:80:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(shell, shell, NULL); data/tomoyo-tools-2.6.0-20190305/examples/checktoken.c:63:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(shell, shell, NULL); data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:80:4: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(args[0], args); data/tomoyo-tools-2.6.0-20190305/examples/from-where.c:61:7: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen("netstat -nte", "r"); data/tomoyo-tools-2.6.0-20190305/examples/groovy.c:59:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(shell, shell, NULL); data/tomoyo-tools-2.6.0-20190305/examples/honey.c:99:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(shell, shell, NULL); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:194:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. else if (sscanf(buffer, MAX_TRIALS "%u", &v) == 1) data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:196:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. else if (sscanf(buffer, SLEEP_ON_FAILURE "%u", &v) == 1) data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:243:14: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. FILE *fp = popen(mail_command, "w"); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:264:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(exec_on_success, exec_on_success, NULL); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:322:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(PASSWORD_PROMPT "%s\n", password_prompt); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:323:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(MAX_TRIALS "%d\n", max_trials); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:324:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(SLEEP_ON_FAILURE "%d\n", sleep_on_failure); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:325:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(MAX_TIMING_ERRORS "%d\n", max_timing_errors); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:326:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(EXEC_ON_SUCCESS "%s\n", exec_on_success); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:327:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(AUTHENTICATION_DATA); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:340:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(SINGLE_FAILURE_MESSAGE "%s\n", data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:342:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(COMPLETE_FAILURE_MESSAGE "%s\n", data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:375:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. else if (sscanf(buffer, MAX_TRIALS "%u", &v) == 1) data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:377:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. else if (sscanf(buffer, SLEEP_ON_FAILURE "%u", &v) == 1) data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:379:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. else if (sscanf(buffer, MAX_TIMING_ERRORS "%u", &v) == 1) data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:500:4: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(exec_on_success, exec_on_success, NULL); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:11:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system("touch " data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:219:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(proc_policy_dir, F_OK)) { data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:271:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format(printf, 1, 2))); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:278:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(fmt, args); data/tomoyo-tools-2.6.0-20190305/kernel_test/newns.c:42:2: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(argv[0], argv); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c:62:4: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(BINDIR "/true", argv); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c:76:4: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(BINDIR "/true", argv); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c:91:4: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execv(BINDIR "/true", argv); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:241:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(BINDIR "/true", "true", NULL); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:124:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(BINDIR "/true", BINDIR "/true", NULL); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:300:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(buf, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_network_test.c:473:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(proc_policy_domain_policy, F_OK)) { data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:226:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(BINDIR "/true", BINDIR "/true", NULL); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:242:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(BINDIR "/true", BINDIR "/true", NULL); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:101:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("profile.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:138:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("profile.conf", R_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:146:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(buffer, R_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:371:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/proc/self/fd/0", R_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:415:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("profile.conf", R_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:422:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(profile_name, R_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:453:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("/etc/tomoyo/tomoyo-post-init", X_OK)) { data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:457:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl("/etc/tomoyo/tomoyo-post-init", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:42:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " task.%s", buffer); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:51:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " %s%s", path, buffer); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:61:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " exec.argv[%u]=%s", i++, data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:81:15: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " exec.envp[%s\"]=\"%s", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:95:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " exec.%s", data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:128:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. cond_len += sprintf(cond + cond_len, " %s", buffer); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:275:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. && !access(path, X_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:384:26: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (type == DT_REG && !access(path, X_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:421:35: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (strcmp(cp, "/bin/true") && !access(cp, X_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:507:14: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. FILE *fp = !access("/sbin/ldconfig", X_OK) || data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:508:4: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. !access("/bin/ldconfig", X_OK) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:509:5: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ? popen("ldconfig -NXp", "r") : NULL; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:642:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access(cp, X_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:839:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("exception_policy.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:878:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("manager.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:917:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("profile.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:967:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access("domain_policy.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:990:28: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (chdir(policy_dir) || !access("stat.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1335:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. !access("editpolicy.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1417:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. !access("auditd.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1537:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. !access("patternize.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1614:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. !access("notifyd.conf", R_OK)) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:310:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/sys/kernel/security/tomoyo/", X_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1572:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format(printf, 1, 2))); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1594:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(buffer + buffer_pos, buffer_len - buffer_pos, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:300:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(ptr->pathname, F_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:363:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(CCS_PROC_POLICY_AUDIT, R_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-loadpolicy.c:215:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access(CCS_PROC_POLICY_DIR, F_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:157:4: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(action_to_take[0], action_to_take); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:29:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format(printf, 1, 2))); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:41:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf((char *) &i, sizeof(i) - 1, fmt, args) + 16; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:45:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(buffer, len, fmt, args); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-savepolicy.c:136:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access(CCS_PROC_POLICY_DIR, F_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setlevel.c:32:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(CCS_PROC_POLICY_DIR, F_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:2064:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(policy, max_policy_len, fmt, args); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:2260:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access("/sys/kernel/security/tomoyo/", X_OK)) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.h:139:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format(printf, 1, 2))); data/tomoyo-tools-2.6.0-20190305/examples/chaplet.c:48:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/tomoyo-tools-2.6.0-20190305/examples/checktoken.c:48:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL) / 30); data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:130:23: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. const char *shlvl = getenv("SHLVL"); data/tomoyo-tools-2.6.0-20190305/examples/gettoken.c:34:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL) / 30); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:316:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. exec_on_success = getenv("SHELL"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:619:8: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (chroot("/tmp/mount/") == 0) data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:632:8: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (chroot("/tmp/mount/") == EOF && errno == EPERM) data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:647:8: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (chroot("/tmp/mount/") == 0) data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:51:9: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. return realpath(path, NULL); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1636:8: [3] (misc) chroot: chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root. if (chroot(arg + 5) || chdir("/")) { data/tomoyo-tools-2.6.0-20190305/examples/candy.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/candy.c:50:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(buffer, "r"); data/tomoyo-tools-2.6.0-20190305/examples/candy.c:72:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/chaplet.c:43:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/chaplet.c:44:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char seed[40]; data/tomoyo-tools-2.6.0-20190305/examples/checktoken.c:43:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/checktoken.c:44:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char seed[40]; data/tomoyo-tools-2.6.0-20190305/examples/env_chk.c:73:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/sys/kernel/security/tomoyo/.execute_handler", 0); data/tomoyo-tools-2.6.0-20190305/examples/env_chk.c:83:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). argc = atoi(raw_argv[5]); data/tomoyo-tools-2.6.0-20190305/examples/env_chk.c:84:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). envc = atoi(raw_argv[6]); data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:118:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:119:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[1024]; data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:120:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cwd[1024]; data/tomoyo-tools-2.6.0-20190305/examples/falsh.c:132:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). shelllevel = atoi(shlvl); data/tomoyo-tools-2.6.0-20190305/examples/from-where.c:30:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/examples/from-where.c:116:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(buffer, "r"); data/tomoyo-tools-2.6.0-20190305/examples/gettoken.c:32:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char seed[40]; data/tomoyo-tools-2.6.0-20190305/examples/groovy.c:45:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/examples/groovy.c:56:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(lockfile, O_WRONLY | O_CREAT | O_EXCL, 0600); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:175:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(argv1, "r"); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char password[17]; data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:229:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen("/dev/urandom", "r"); data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:99:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). forward_bind_port_min = atoi(argv[3]); data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:100:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). forward_bind_port_max = atoi(argv[4]); data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:120:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). forward_connect_port = atoi(argv[2]); data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:138:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char local_buf[4096]; data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:139:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char remote_buf[4096]; data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:355:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:356:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(argv1, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:30:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/sys/kernel/security/tomoyo/audit", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[12]; data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *envp[12]; data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer1[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:38:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer2[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:17:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_RDONLY", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:26:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_RDONLY+O_APPEND", O_RDONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:35:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_WRONLY", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:43:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_WRONLY+O_APPEND", O_WRONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:52:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_RDWR", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:60:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_RDWR+O_APPEND", O_RDWR | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:68:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_IOCTL", 3); data/tomoyo-tools-2.6.0-20190305/kernel_test/fcntl.c:76:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/O_IOCTL+O_APPEND", 3 | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/generate_execve_log.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[128]; data/tomoyo-tools-2.6.0-20190305/kernel_test/generate_execve_log.c:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *envp[128]; data/tomoyo-tools-2.6.0-20190305/kernel_test/generate_execve_log.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16384]; data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char self_domain[4096] = ""; data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:179:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_profile, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:180:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:224:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). profile_fp = fopen(proc_policy_profile, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:230:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). domain_fp = fopen(proc_policy_domain_policy, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:237:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). exception_fp = fopen(proc_policy_exception_policy, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:251:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_self_domain, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:418:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_domain_policy, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:474:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_exception_policy, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:521:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *modes[4] = { "disabled", "learning", "permissive", data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:523:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_profile, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_accept_test.c:61:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_accept_test.c:75:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(buffer, O_CREAT, 0644)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_accept_test.c:77:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(buffer, flags, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_accept_test.c:102:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(buffer, flags, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_argv0_test.c:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2] = { "false", NULL }; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c:33:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(proc_policy_domain_policy, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c:88:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *argv[128]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c:89:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *envp[128]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:32:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(proc_policy_domain_policy, "r+"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:66:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file, mode, 0); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:266:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/etc/fstab", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:275:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/etc/fstab", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:284:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/etc/fstab", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:293:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/etc/fstab", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_env_test.c:53:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_env_test.c:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[2] = { "true", NULL }; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_env_test.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *envp[2] = { "env-test", NULL }; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:39:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open("/tmp/uselib", O_WRONLY | O_CREAT | O_TRUNC, 0755); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:137:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dev_null_path, O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:143:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dev_null_path, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:149:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dev_null_path, O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:155:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(open_creat_path, O_CREAT | O_EXCL, 0666); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:161:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(truncate_path, O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:228:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftruncate_fd = open(ftruncate_path, O_WRONLY | O_CREAT, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:63:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char compressed_ext2_image_sample[1350] = { data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_filesystem_test.c:283:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[4096]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_network_test.c:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[16]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_network_test.c:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char sbuffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_network_test.c:86:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cbuffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:39:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open("/tmp/uselib", O_WRONLY | O_CREAT | O_TRUNC, 0755); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pbuffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:189:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:193:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:205:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:209:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:257:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:262:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:269:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:274:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:281:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:286:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:298:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:303:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:329:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:334:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:343:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/fifo", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:348:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/fifo", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:355:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:360:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:367:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:372:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:380:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:385:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/null", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:395:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:401:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:415:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:421:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:436:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:441:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:453:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:458:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:474:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:27:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_policy_domain_policy, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:90:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:160:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:210:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:280:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:331:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[512]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_network_test.c:383:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512] = { }; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:47:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/etc/fstab", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:52:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/dev/null", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:138:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/dev/null", O_RDWR); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:197:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile0", O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:202:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile1", O_CREAT | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:207:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile2", O_TRUNC | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:212:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile3", O_TRUNC | O_CREAT | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:217:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile4", O_APPEND | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:222:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile5", O_APPEND | O_CREAT | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:227:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile6", O_APPEND | O_TRUNC | O_RDONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:232:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile7", data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:238:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile8", O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:243:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile9", O_CREAT | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:248:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile10", O_TRUNC | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:253:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile11", O_TRUNC | O_CREAT | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:258:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile12", O_APPEND | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:263:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile13", O_APPEND | O_CREAT | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:268:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile14", O_APPEND | O_TRUNC | O_WRONLY, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:273:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile15", data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:279:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile16", O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:284:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile17", O_CREAT | O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:289:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile18", O_TRUNC | O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:294:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile19", O_TRUNC | O_CREAT | O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:299:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile21", O_APPEND | O_CREAT | O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:304:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile22", O_APPEND | O_TRUNC | O_RDWR, 0600); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:309:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). result = open("/tmp/testfile23", O_APPEND | O_TRUNC | O_CREAT | O_RDWR, data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:316:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:320:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(buffer, O_WRONLY | O_CREAT, 0600)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:321:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(buffer, O_APPEND | O_CREAT, 0600)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:329:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:333:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(buffer, O_WRONLY | O_CREAT, 0600)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:334:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(buffer, O_APPEND | O_CREAT, 0600)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_io_test.c:28:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_io_test.c:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:44:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:45:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen("/sys/kernel/security/tomoyo/stat", "r+"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:59:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "r"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:207:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:240:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:308:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:340:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(policy_file, "w"); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:67:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). close(open(REWRITE_PATH, O_WRONLY | O_APPEND | O_CREAT, 0600)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:73:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:78:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:84:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:89:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:101:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:106:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY | O_APPEND); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:111:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_rewrite_test.c:116:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(REWRITE_PATH, O_WRONLY | O_TRUNC); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:25:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:29:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/sys/kernel/security/tomoyo/self_domain", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:48:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/sys/kernel/security/tomoyo/self_domain", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:55:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[64]; data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:59:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/sys/kernel/security/tomoyo/domain_policy", data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:69:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[8192]; data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:80:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:93:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char input[128]; data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:166:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int dfd = open(dest, O_WRONLY); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:172:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sfd = open(src, O_RDONLY); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:195:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(proc_domain_policy, "r"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:235:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_out = fopen(proc_profile, "w"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:252:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp_in = fopen(proc_profile, "r"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:253:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp_out = fopen(proc_profile, "w"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:275:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_out = fopen(proc_profile, "w"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:276:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_in = fopen(proc_profile, "r"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:305:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_domain_policy, "r"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:322:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(proc_stat, "r"); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:375:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("/dev/console", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:376:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("/dev/console", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:377:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("/dev/console", O_WRONLY); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:385:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/proc/cmdline", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:41:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/sys/kernel/security/tomoyo/.execute_handler", 0); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:50:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/sys/kernel/security/tomoyo/.process_status", O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:65:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). argc = atoi(raw_argv[5]); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:66:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). envc = atoi(raw_argv[6]); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[65536]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-exec-param.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[3][65536]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:247:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char path[8192]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:398:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const files[2] = { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:404:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PATH_MAX + 1]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:406:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(files[i], "r"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:544:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stamp[20] = { }; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:841:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filp = fopen("exception_policy.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:880:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("manager.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:919:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("profile.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:969:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("domain_policy.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:992:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("stat.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1337:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("editpolicy.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1419:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("auditd.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1539:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("patternize.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1616:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("notifyd.tmp", "w"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1648:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). default_profile = atoi(arg + 12); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:1650:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_group[(unsigned char) atoi(arg + 10)] = 1; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:50:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int status_fd = open(".process_status", O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:66:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[16]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:82:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). status_fp = fopen(buffer, "r"); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:152:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open("audit", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:158:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:171:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open("query", O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:177:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer2[4096]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:220:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(cp ? cp + 1 : filename, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:232:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer2[4096]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:346:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). addr.sin_port = htons(atoi(port)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:111:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *transition_type[MAX_TRANSITION_TYPE] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:349:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_in = fopen(source, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:896:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char number[8] = ""; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1129:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open(filename, mode); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1311:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(w.policy_file, "r+"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1396:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). directive = atoi(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1604:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char domainname[4096]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1636:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char domainname[4096]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1697:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1881:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(CCS_PROC_POLICY_DOMAIN_POLICY, "r+"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2637:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(a2) - atoi(b2); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2637:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(a2) - atoi(b2); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:3520:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file_fp = fopen(dest, "w"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:3573:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:3702:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char stamp[32] = { }; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.h:420:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *search_buffer[MAX_SCREEN_TYPE]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.h:489:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char **acl_group[256]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_color.c:70:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(CCS_EDITPOLICY_CONF, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c:374:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(CCS_EDITPOLICY_CONF, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:736:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_mode[CCS_CONFIG_MAX_MODE] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:744:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_mac_keywords[CCS_MAX_MAC_INDEX data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:798:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_path_keyword[CCS_MAX_PATH_OPERATION] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:813:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_socket_keyword[CCS_MAX_NETWORK_OPERATION] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:822:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_category_keywords[CCS_MAX_MAC_CATEGORY_INDEX] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:829:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_condition_keyword[CCS_MAX_CONDITION_KEYWORD] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:892:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_pref_keywords[CCS_MAX_PREF] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:984:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_proto_keyword[CCS_SOCK_MAX] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:994:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_memory_headers[CCS_MAX_MEMORY_STAT] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1001:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_transition_type[MAX_TRANSITION_TYPE] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1011:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_group_name[CCS_MAX_GROUP] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1018:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * const ccs_dif[CCS_MAX_DOMAIN_INFO_FLAGS] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2782:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p, "%u.%u.%u.%u", addr[0], addr[1], addr[2], addr[3]); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2788:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char zerolength[8]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2797:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&in6, addr, sizeof(struct in6_addr)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2877:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[sizeof("255.255.255.255")]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2897:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:255.255.255.255")]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:4453:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[4096]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c:155:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void tokenize(char *buffer, char *w[5], enum directive_type index) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c:155:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static void tokenize(char *buffer, char *w[5], enum directive_type index) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *s[5]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *d[5]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_optimizer.c:445:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned int group = atoi(p.generic[current].operand); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:108:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. free((char *) history[0]); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:65:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:183:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ptr->fd = open(path, O_WRONLY | O_APPEND | O_CREAT, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:303:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ptr->fd = open(ptr->pathname, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:354:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:369:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/proc/self/exe", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:377:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_in = open(CCS_PROC_POLICY_AUDIT, O_RDONLY); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:416:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[32768]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:136:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *ccs_condition_keyword[CCS_MAX_CONDITION_KEYWORD] = { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-domainmatch.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16384]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-domainmatch.c:36:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(CCS_PROC_POLICY_DOMAIN_POLICY, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-findtemp.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16384]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-findtemp.c:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer2[sizeof(buffer)]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-loadpolicy.c:57:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp_in = fopen(name, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-loadpolicy.c:58:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp_out = fopen(name, "w"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-loadpolicy.c:177:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:40:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:126:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[32768]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:181:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). query_fd = open(proc_policy_query, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:201:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). query_fd = open(proc_policy_query, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:239:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open("/proc/self/exe", O_RDONLY); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-patternize.c:300:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-pstree.c:60:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:74:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ccs_buffer[32768]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidbuf[128]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:228:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:253:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ccs_query_fd = open(CCS_PROC_POLICY_QUERY, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:254:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ccs_domain_policy_fd = open(CCS_PROC_POLICY_DOMAIN_POLICY, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-savepolicy.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stamp[32] = { }; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-savepolicy.c:110:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ccs_network_port = htons(atoi(cp)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setlevel.c:37:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(policy_file, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setprofile.c:46:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd = open(CCS_PROC_POLICY_DOMAIN_POLICY, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setprofile.c:60:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_in = fopen(CCS_PROC_POLICY_DOMAIN_POLICY, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setprofile.c:61:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp_out = fopen(CCS_PROC_POLICY_DOMAIN_POLICY, "w"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1051:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, dbuf, sizeof(dbuf)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1165:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, dbuf, sizeof(dbuf)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1297:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(buffer, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1324:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(buffer, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1499:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int status_fd = open(CCS_PROC_POLICY_PROCESS_STATUS, O_RDWR); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1513:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1514:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[16]; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1587:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fdopen(open(filename, O_WRONLY), "w"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1633:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen(filename, "r"); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1654:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_fp = dest ? fopen(dest, "w") : stdout; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1827:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/tomoyo-tools-2.6.0-20190305/examples/candy.c:59:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, cp + 1, strlen(cp + 1) + 1); data/tomoyo-tools-2.6.0-20190305/examples/from-where.c:68:7: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(buffer, "tcp %*u %*u %*s %128s %*s %*u %u", data/tomoyo-tools-2.6.0-20190305/examples/honey.c:75:16: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buffer[i] = getc(stdin); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:40:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(find); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:43:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(src, src + len, strlen(src + len) + 1); data/tomoyo-tools-2.6.0-20190305/examples/mailauth.c:236:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const unsigned int c = fgetc(fp); data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:157:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(0, local_buf + local_len, data/tomoyo-tools-2.6.0-20190305/examples/proxy.c:165:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(remote, remote_buf + remote_len, data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:37:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(find); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:40:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(src, src + len, strlen(src + len) + 1); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:215:2: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getchar(); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:241:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). key = getc(stdin); data/tomoyo-tools-2.6.0-20190305/examples/timeauth.c:469:10: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). key = getc(stdin); data/tomoyo-tools-2.6.0-20190305/kernel_test/arglog.c:58:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((len = read(fd, buffer, sizeof(buffer))) > 0) data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:292:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = fgetc(fp); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:396:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pos + pack_len) + 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:399:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(pos, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:526:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(name); data/tomoyo-tools-2.6.0-20190305/kernel_test/include.h:538:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, buffer + 9, strlen(buffer + 9) + 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/patterntest.c:113:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = *(filename + strlen(filename) - 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/patterntest.c:371:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f_delimiter = f + strlen(f); data/tomoyo-tools-2.6.0-20190305/kernel_test/patterntest.c:374:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p_delimiter = p + strlen(p); data/tomoyo-tools-2.6.0-20190305/kernel_test/patterntest.c:442:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(name); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_bprm_test.c:69:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &err, sizeof(err)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_cond_test.c:251:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &status, sizeof(status)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:130:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &err, sizeof(err)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_file_test.c:210:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path) - 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:232:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &err, sizeof(err)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:248:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &err, sizeof(err)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_file_test.c:622:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(addr.sun_path, filename, sizeof(addr.sun_path) - 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_new_test.c:115:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(pipe_fd[0], &err, sizeof(err)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_io_test.c:44:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, buffer + 9, strlen(buffer + 9) + 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:70:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, buffer + 9, strlen(buffer + 9) + 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:227:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:249:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:327:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_policy_memory_test.c:349:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep(100000); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:33:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(fd, buffer, sizeof(buffer) - 1); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:49:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(fd, domain, strlen(domain)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:65:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(fd, buf, strlen(buf)); data/tomoyo-tools-2.6.0-20190305/kernel_test/tomoyo_transition_test.c:66:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(fd, policy, strlen(policy)); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:115:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:176:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int len = read(sfd, buffer, sizeof(buffer)); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:387:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(fd, buffer, sizeof(buffer) - 1); data/tomoyo-tools-2.6.0-20190305/sbin/tomoyo-init.c:400:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:53:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(fd, buffer, strlen(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/audit-exec-param.c:55:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(fd, buffer, sizeof(buffer) - 1); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:40:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1 && strcmp(buffer, "}")) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:41:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(strlen(buffer) + 7); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:48:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len0 = strlen(path) + 2; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:49:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1 && strcmp(buffer, "}")) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:50:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(len0 + strlen(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:58:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1 && strcmp(buffer, "}") data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:60:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(strlen(buffer) + 34); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:68:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1 && strcmp(buffer, "}") data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:79:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(strlen(buffer) + 16); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:88:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1 && strcmp(buffer, "}")) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:94:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(strlen(buffer) + 7); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:111:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. while (fscanf(stdin, "%65534s", buffer) == 1) { data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-audit-log.c:127:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). realloc_buffer(strlen(buffer) + 2); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-exec-param.c:44:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = getc(stdin); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-exec-param.c:109:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = getc(stdin); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/convert-exec-param.c:118:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = getc(stdin); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:78:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dir); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:94:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dir) + strlen(pwd) + 4; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:94:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dir) + strlen(pwd) + 4; data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:116:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(pwd); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:262:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:357:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(path, dir, sizeof(path) - 1); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:535:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(dirs[i]); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/init_policy.c:543:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(cp); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:88:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:100:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(status_fd, buffer, strlen(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:102:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(status_fd, buffer, sizeof(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:134:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = fwrite(buffer, strlen(buffer), 1, fp); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:136:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int len = read(status_fd, buffer, sizeof(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:159:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int len = read(fd, buffer, sizeof(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:192:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int len = read(fd, buffer2, data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:228:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(2, filename, strlen(filename)); data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:249:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int len = read(fd, buffer2, data/tomoyo-tools-2.6.0-20190305/usr_lib_tomoyo/tomoyo-editpolicy-agent.c:279:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(client, buffer + i, 1) != 1) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:352:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = fgetc(fp_in); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:823:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_col += strlen(sp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:839:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_col += strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:855:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_col += strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:882:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(cp1) + strlen(cp2) + 8 + list_indent; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:882:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(cp1) + strlen(cp2) + 8 + list_indent; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:902:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(number) + strlen(cp) + 8; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:902:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(number) + strlen(cp) + 8; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:918:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(cp) + 8; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:936:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). now = strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1070:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(filename) + 128; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1358:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1397:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1613:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). source = strlen(cp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:1924:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2226:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp_col += strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2497:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (w.width < strlen(line)) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2511:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (w.width < strlen(line)) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:2771:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(line) + 128; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy.c:3531:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(proc_fp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_color.c:95:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cp) != 2) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c:359:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(line + len + 1) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c:400:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). directive_map[i].alias_len = strlen(cp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c:411:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(directive_map[i].original); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_keyword.c:412:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). directive_map[i].alias_len = strlen(directive_map[i].alias); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1301:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name) + 1; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1375:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). del = pos + strlen(pos); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1666:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *cp = start + strlen(start) - 1; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1724:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *cp = left + strlen(left) - 1; data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:1892:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char * const end_of_string = start_of_string + strlen(start_of_string); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:2352:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(domainname) >= CCS_EXEC_TMPSIZE - 10 || data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:3180:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp += strlen(find); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:3202:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sscanf(cp + strlen(find), "=%u", i); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:3231:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(category); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:3638:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(data, cp, strlen(cp) - 1)) data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:4333:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, line + 7, strlen(line + 7) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:4341:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/editpolicy_offline.c:4457:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fd, buffer + i, 1) != 1) data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:125:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int prompt_len = prompt ? strlen(prompt) : 0; data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:155:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, ccs_initial_readline_data, max_length); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:156:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:239:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp_buffer, buffer, data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:243:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, history[history_pos], data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:245:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:251:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, history[history_pos], data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:253:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:258:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buffer, tmp_buffer, max_length); data/tomoyo-tools-2.6.0-20190305/usr_sbin/readline.h:259:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:138:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:156:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr->string_len = strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:296:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:426:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(fd_in, buffer + j, 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-auditd.c:436:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(fd_in, buffer, sizeof(buffer) - 1) <= 0) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:200:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (*pos && pos[strlen(pos) - 1] == ' ') data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:201:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). condition[strlen(pos) - 1] = '\0'; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:218:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). r_len = strlen(eq + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:231:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strcmp(pos + strlen(pos) - 2, "\"]")) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:297:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(arg, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:602:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(policy) >= CCS_MAX_DOMAINNAME_LEN) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:661:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(list[type].directive); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-checkpolicy.c:711:12: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = getchar(); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-findtemp.c:78:9: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. fscanf(stdin, "%16380s", buffer) == 1) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:131:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(query_fd, buffer, sizeof(buffer) - 1) <= 0) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:164:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-notifyd.c:211:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(0); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-patternize.c:330:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!*line || line[strlen(line) - 1] != '/') data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-patternize.c:376:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(line, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-patternize.c:395:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr->string_len = strlen(line); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:93:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = ccs_buffer + strlen(ccs_buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:138:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pidbuf)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:141:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int len = read(ccs_domain_policy_fd, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:187:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pidbuf)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:188:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(ccs_domain_policy_fd, line, strlen(line)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:203:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(ccs_query_fd, ccs_buffer, strlen(ccs_buffer)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:296:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(ccs_query_fd, ccs_buffer + i, 1) != 1) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:310:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(ccs_query_fd, ccs_buffer, data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-queryd.c:323:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(ccs_buffer, cp + 1, strlen(cp + 1) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-savepolicy.c:36:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = fgetc(fp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-selectpolicy.c:50:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(argv[i]); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setlevel.c:48:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(fd, &c, 1) == 1) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setlevel.c:70:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(line, argv[i], strlen(argv[i]))) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyo-setprofile.c:84:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(argv[i]); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:152:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(begin); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:155:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(str, str + len, strlen(str + len) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:496:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return ccs_correct_word2(string, strlen(string)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:526:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buffer); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:732:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f_delimiter = f + strlen(f); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:735:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p_delimiter = p + strlen(p); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:866:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const int len = strlen(name); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:894:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name) + 1; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1016:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srclen = strlen(src); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1074:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srclen = strlen(src); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1222:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(filename) + 1; data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1228:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). write(fd, filename, len) != len || read(fd, &c, 1) != 1 || c) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1331:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buffer, cp, strlen(cp) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1339:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (buffer[0] && strlen(buffer) < offset - 1) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1532:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(status_fd, buffer, strlen(buffer)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1534:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret_ignored = read(status_fd, line, line_len - 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1581:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (fgetc(fp) != 0) { data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1606:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (fgetc(fp) == EOF) data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1661:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = fgetc(proc_fp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:1831:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret_ignored = write(fd, buf, strlen(buf)); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:2091:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = fgetc(fp); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:2218:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pos + pack_len) + 1); data/tomoyo-tools-2.6.0-20190305/usr_sbin/tomoyotools.c:2221:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(pos, cp, strlen(cp) + 1); ANALYSIS SUMMARY: Hits = 625 Lines analyzed = 27885 in approximately 0.84 seconds (33182 lines/second) Physical Source Lines of Code (SLOC) = 22063 Hits@level = [0] 896 [1] 186 [2] 336 [3] 10 [4] 82 [5] 11 Hits@level+ = [0+] 1521 [1+] 625 [2+] 439 [3+] 103 [4+] 93 [5+] 11 Hits/KSLOC@level+ = [0+] 68.9389 [1+] 28.328 [2+] 19.8976 [3+] 4.66845 [4+] 4.2152 [5+] 0.498572 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.